Updating access control information within a dispersed storage unit

ABSTRACT

A method begins by a dispersed storage (DS) processing module of a storage unit receiving a write request for storing a data object that includes updated access control list (ACL) information. The method continues with the DS processing module determining whether the data object is a new data object or a revised version of an existing data object and determining write authority of the requesting entity based on information contained in a locally stored access control list. When the write request is regarding the revised version of the existing data object and the write authority includes authorization to issue the write request for the revised version of the existing data object and authorization to issue the updated ACL information, the method continues with the DS processing module storing the revised version of the existing data object and updating the access control list based on the updated ACL information.

CROSS REFERENCE TO RELATED PATENTS

The present U.S. Utility patent application claims priority pursuant to35 U.S.C. § 120 as a continuation of U.S. Utility application Ser. No.13/869,655, entitled “UPDATING ACCESS CONTROL INFORMATION WITHIN ADISPERSED STORAGE UNIT”, filed Apr. 24, 2013, which claims prioritypursuant to 35 U.S.C. § 119(e) to U.S. Provisional Application No.61/655,736, entitled “STORING DATA IN A LAYERED DISTRIBUTED STORAGE ANDTASK NETWORK”, filed Jun. 5, 2012, both of which are hereby incorporatedherein by reference in their entirety and made part of the present U.S.Utility patent application for all purposes.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not Applicable.

INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A COMPACT DISC

Not Applicable.

BACKGROUND OF THE INVENTION Technical Field of the Invention

This invention relates generally to computer networks and moreparticularly to dispersed storage of data and distributed taskprocessing of data.

Description of Related Art

Computing devices are known to communicate data, process data, and/orstore data. Such computing devices range from wireless smart phones,laptops, tablets, personal computers (PC), work stations, and video gamedevices, to data centers that support millions of web searches, stocktrades, or on-line purchases every day. In general, a computing deviceincludes a central processing unit (CPU), a memory system, userinput/output interfaces, peripheral device interfaces, and aninterconnecting bus structure.

As is further known, a computer may effectively extend its CPU by using“cloud computing” to perform one or more computing functions (e.g., aservice, an application, an algorithm, an arithmetic logic function,etc.) on behalf of the computer. Further, for large services,applications, and/or functions, cloud computing may be performed bymultiple cloud computing resources in a distributed manner to improvethe response time for completion of the service, application, and/orfunction. For example, Hadoop is an open source software framework thatsupports distributed applications enabling application execution bythousands of computers.

In addition to cloud computing, a computer may use “cloud storage” aspart of its memory system. As is known, cloud storage enables a user,via its computer, to store files, applications, etc. on an Internetstorage system. The Internet storage system may include a RAID(redundant array of independent disks) system and/or a dispersed storagesystem that uses an error correction scheme to encode data for storage.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S)

FIG. 1 is a schematic block diagram of an embodiment of a distributedcomputing system in accordance with the present invention;

FIG. 2 is a schematic block diagram of an embodiment of a computing corein accordance with the present invention;

FIG. 3 is a diagram of an example of a distributed storage and taskprocessing in accordance with the present invention;

FIG. 4 is a schematic block diagram of an embodiment of an outbounddistributed storage and/or task (DST) processing in accordance with thepresent invention;

FIG. 5 is a logic diagram of an example of a method for outbound DSTprocessing in accordance with the present invention;

FIG. 6 is a schematic block diagram of an embodiment of a dispersederror encoding in accordance with the present invention;

FIG. 7 is a diagram of an example of a segment processing of thedispersed error encoding in accordance with the present invention;

FIG. 8 is a diagram of an example of error encoding and slicingprocessing of the dispersed error encoding in accordance with thepresent invention;

FIG. 9 is a diagram of an example of grouping selection processing ofthe outbound DST processing in accordance with the present invention;

FIG. 10 is a diagram of an example of converting data into slice groupsin accordance with the present invention;

FIG. 11 is a schematic block diagram of an embodiment of a DST executionunit in accordance with the present invention;

FIG. 12 is a schematic block diagram of an example of operation of a DSTexecution unit in accordance with the present invention;

FIG. 13 is a schematic block diagram of an embodiment of an inbounddistributed storage and/or task (DST) processing in accordance with thepresent invention;

FIG. 14 is a logic diagram of an example of a method for inbound DSTprocessing in accordance with the present invention;

FIG. 15 is a diagram of an example of de-grouping selection processingof the inbound DST processing in accordance with the present invention;

FIG. 16 is a schematic block diagram of an embodiment of a dispersederror decoding in accordance with the present invention;

FIG. 17 is a diagram of an example of de-slicing and error decodingprocessing of the dispersed error decoding in accordance with thepresent invention;

FIG. 18 is a diagram of an example of a de-segment processing of thedispersed error decoding in accordance with the present invention;

FIG. 19 is a diagram of an example of converting slice groups into datain accordance with the present invention;

FIG. 20 is a diagram of an example of a distributed storage within thedistributed computing system in accordance with the present invention;

FIG. 21 is a schematic block diagram of an example of operation ofoutbound distributed storage and/or task (DST) processing for storingdata in accordance with the present invention;

FIG. 22 is a schematic block diagram of an example of a dispersed errorencoding for the example of FIG. 21 in accordance with the presentinvention;

FIG. 23 is a diagram of an example of converting data into pillar slicegroups for storage in accordance with the present invention;

FIG. 24 is a schematic block diagram of an example of a storageoperation of a DST execution unit in accordance with the presentinvention;

FIG. 25 is a schematic block diagram of an example of operation ofinbound distributed storage and/or task (DST) processing for retrievingdispersed error encoded data in accordance with the present invention;

FIG. 26 is a schematic block diagram of an example of a dispersed errordecoding for the example of FIG. 25 in accordance with the presentinvention;

FIG. 27 is a schematic block diagram of an example of a distributedstorage and task processing network (DSTN) module storing a plurality ofdata and a plurality of task codes in accordance with the presentinvention;

FIG. 28 is a schematic block diagram of an example of the distributedcomputing system performing tasks on stored data in accordance with thepresent invention;

FIG. 29 is a schematic block diagram of an embodiment of a taskdistribution module facilitating the example of FIG. 28 in accordancewith the present invention;

FIG. 30 is a diagram of a specific example of the distributed computingsystem performing tasks on stored data in accordance with the presentinvention;

FIG. 31 is a schematic block diagram of an example of a distributedstorage and task processing network (DSTN) module storing data and taskcodes for the example of FIG. 30 in accordance with the presentinvention;

FIG. 32 is a diagram of an example of DST allocation information for theexample of FIG. 30 in accordance with the present invention;

FIGS. 33-38 are schematic block diagrams of the DSTN module performingthe example of FIG. 30 in accordance with the present invention;

FIG. 39 is a diagram of an example of combining result information intofinal results for the example of FIG. 30 in accordance with the presentinvention;

FIG. 40A is a schematic block diagram of another embodiment of adistributed computing system in accordance with the present invention;

FIG. 40B is a flowchart illustrating an example of migrating slices inaccordance with the present invention;

FIG. 41A is a schematic block diagram of an embodiment of a cloudcomputing system in accordance with the present invention;

FIG. 41B is a schematic block diagram of authentication system timing inaccordance with the present invention;

FIG. 41C is a flowchart illustrating an example of authenticating adevice in accordance with the present invention;

FIG. 41D is a schematic block diagram of another embodiment of a cloudcomputing system in accordance with the present invention;

FIG. 41E is a schematic block diagram of another embodiment of a cloudcomputing system in accordance with the present invention;

FIG. 42A is a schematic block diagram of another embodiment of adistributed computing system in accordance with the present invention;

FIG. 42B is a flowchart illustrating an example of load-balancing inaccordance with the present invention;

FIG. 43A is a schematic block diagram of another embodiment of adistributed computing system in accordance with the present invention;

FIG. 43B is a flowchart illustrating an example of writing data inaccordance with the present invention;

FIG. 43C is a flowchart illustrating an example of reading data inaccordance with the present invention;

FIG. 44 is a flowchart illustrating an example of testing a distributedstorage and task network (DSTN) in accordance with the presentinvention;

FIG. 45A is a schematic block diagram of an embodiment of a storage unitin accordance with the present invention;

FIG. 45B is a flowchart illustrating an example of storing a slice inaccordance with the present invention;

FIG. 45C is a flowchart illustrating an example of retrieving a slice inaccordance with the present invention;

FIG. 46A is a diagram illustrating an example of an access control list(ACL) structure in accordance with the present invention;

FIG. 46B is a diagram illustrating an example of a registry structure inaccordance with the present invention;

FIG. 46C is a flowchart illustrating an example of generating an accesscontrol list (ACL) in accordance with the present invention;

FIG. 46D is a flowchart illustrating an example of utilizing an accesscontrol list (ACL) in accordance with the present invention;

FIG. 47A is a diagram illustrating an example of a realm objectstructure in accordance with the present invention;

FIG. 47B is a flowchart illustrating an example of generating a realmobject in accordance with the present invention; and

FIG. 47C is a flowchart illustrating an example of the deleting a realmobject in accordance with the present invention.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 is a schematic block diagram of an embodiment of a distributedcomputing system 10 that includes a user device 12 and/or a user device14, a distributed storage and/or task (DST) processing unit 16, adistributed storage and/or task network (DSTN) managing unit 18, a DSTintegrity processing unit 20, and a distributed storage and/or tasknetwork (DSTN) module 22. The components of the distributed computingsystem 10 are coupled via a network 24, which may include one or morewireless and/or wire lined communication systems; one or more privateintranet systems and/or public internet systems; and/or one or morelocal area networks (LAN) and/or wide area networks (WAN).

The DSTN module 22 includes a plurality of distributed storage and/ortask (DST) execution units 36 that may be located at geographicallydifferent sites (e.g., one in Chicago, one in Milwaukee, etc.). Each ofthe DST execution units is operable to store dispersed error encodeddata and/or to execute, in a distributed manner, one or more tasks ondata. The tasks may be a simple function (e.g., a mathematical function,a logic function, an identify function, a find function, a search enginefunction, a replace function, etc.), a complex function (e.g.,compression, human and/or computer language translation, text-to-voiceconversion, voice-to-text conversion, etc.), multiple simple and/orcomplex functions, one or more algorithms, one or more applications,etc.

Each of the user devices 12-14, the DST processing unit 16, the DSTNmanaging unit 18, and the DST integrity processing unit 20 include acomputing core 26 and may be a portable computing device and/or a fixedcomputing device. A portable computing device may be a social networkingdevice, a gaming device, a cell phone, a smart phone, a personal digitalassistant, a digital music player, a digital video player, a laptopcomputer, a handheld computer, a tablet, a video game controller, and/orany other portable device that includes a computing core. A fixedcomputing device may be a personal computer (PC), a computer server, acable set-top box, a satellite receiver, a television set, a printer, afax machine, home entertainment equipment, a video game console, and/orany type of home or office computing equipment. User device 12 and DSTprocessing unit 16 are configured to include a DST client module 34.

With respect to interfaces, each interface 30, 32, and 33 includessoftware and/or hardware to support one or more communication links viathe network 24 indirectly and/or directly. For example, interface 30supports a communication link (e.g., wired, wireless, direct, via a LAN,via the network 24, etc.) between user device 14 and the DST processingunit 16. As another example, interface 32 supports communication links(e.g., a wired connection, a wireless connection, a LAN connection,and/or any other type of connection to/from the network 24) between userdevice 12 and the DSTN module 22 and between the DST processing unit 16and the DSTN module 22. As yet another example, interface 33 supports acommunication link for each of the DSTN managing unit 18 and DSTintegrity processing unit 20 to the network 24.

The distributed computing system 10 is operable to support dispersedstorage (DS) error encoded data storage and retrieval, to supportdistributed task processing on received data, and/or to supportdistributed task processing on stored data. In general and with respectto DS error encoded data storage and retrieval, the distributedcomputing system 10 supports three primary operations: storagemanagement, data storage and retrieval (an example of which will bediscussed with reference to FIGS. 20-26), and data storage integrityverification. In accordance with these three primary functions, data canbe encoded, distributedly stored in physically different locations, andsubsequently retrieved in a reliable and secure manner. Such a system istolerant of a significant number of failures (e.g., up to a failurelevel, which may be greater than or equal to a pillar width minus adecode threshold minus one) that may result from individual storagedevice failures and/or network equipment failures without loss of dataand without the need for a redundant or backup copy. Further, the systemallows the data to be stored for an indefinite period of time withoutdata loss and does so in a secure manner (e.g., the system is veryresistant to attempts at hacking the data).

The second primary function (i.e., distributed data storage andretrieval) begins and ends with a user device 12-14. For instance, if asecond type of user device 14 has data 40 to store in the DSTN module22, it sends the data 40 to the DST processing unit 16 via its interface30. The interface 30 functions to mimic a conventional operating system(OS) file system interface (e.g., network file system (NFS), flash filesystem (FFS), disk file system (DFS), file transfer protocol (FTP),web-based distributed authoring and versioning (WebDAV), etc.) and/or ablock memory interface (e.g., small computer system interface (SCSI),internet small computer system interface (iSCSI), etc.). In addition,the interface 30 may attach a user identification code (ID) to the data40.

To support storage management, the DSTN managing unit 18 performs DSmanagement services. One such DS management service includes the DSTNmanaging unit 18 establishing distributed data storage parameters (e.g.,vault creation, distributed storage parameters, security parameters,billing information, user profile information, etc.) for a user device12-14 individually or as part of a group of user devices. For example,the DSTN managing unit 18 coordinates creation of a vault (e.g., avirtual memory block) within memory of the DSTN module 22 for a userdevice, a group of devices, or for public access and establishes pervault dispersed storage (DS) error encoding parameters for a vault. TheDSTN managing unit 18 may facilitate storage of DS error encodingparameters for each vault of a plurality of vaults by updating registryinformation for the distributed computing system 10. The facilitatingincludes storing updated registry information in one or more of the DSTNmodule 22, the user device 12, the DST processing unit 16, and the DSTintegrity processing unit 20.

The DS error encoding parameters (e.g., or dispersed storage errorcoding parameters) include data segmenting information (e.g., how manysegments data (e.g., a file, a group of files, a data block, etc.) isdivided into), segment security information (e.g., per segmentencryption, compression, integrity checksum, etc.), error codinginformation (e.g., pillar width, decode threshold, read threshold, writethreshold, etc.), slicing information (e.g., the number of encoded dataslices that will be created for each data segment); and slice securityinformation (e.g., per encoded data slice encryption, compression,integrity checksum, etc.).

The DSTN managing unit 18 creates and stores user profile information(e.g., an access control list (ACL)) in local memory and/or withinmemory of the DSTN module 22. The user profile information includesauthentication information, permissions, and/or the security parameters.The security parameters may include encryption/decryption scheme, one ormore encryption keys, key generation scheme, and/or dataencoding/decoding scheme.

The DSTN managing unit 18 creates billing information for a particularuser, a user group, a vault access, public vault access, etc. Forinstance, the DSTN managing unit 18 tracks the number of times a useraccesses a private vault and/or public vaults, which can be used togenerate a per-access billing information. In another instance, the DSTNmanaging unit 18 tracks the amount of data stored and/or retrieved by auser device and/or a user group, which can be used to generate aper-data-amount billing information.

Another DS management service includes the DSTN managing unit 18performing network operations, network administration, and/or networkmaintenance. Network operations includes authenticating user dataallocation requests (e.g., read and/or write requests), managingcreation of vaults, establishing authentication credentials for userdevices, adding/deleting components (e.g., user devices, DST executionunits, and/or DST processing units) from the distributed computingsystem 10, and/or establishing authentication credentials for DSTexecution units 36. Network administration includes monitoring devicesand/or units for failures, maintaining vault information, determiningdevice and/or unit activation status, determining device and/or unitloading, and/or determining any other system level operation thataffects the performance level of the system 10. Network maintenanceincludes facilitating replacing, upgrading, repairing, and/or expandinga device and/or unit of the system 10.

To support data storage integrity verification within the distributedcomputing system 10, the DST integrity processing unit 20 performsrebuilding of ‘bad’ or missing encoded data slices. At a high level, theDST integrity processing unit 20 performs rebuilding by periodicallyattempting to retrieve/list encoded data slices, and/or slice names ofthe encoded data slices, from the DSTN module 22. For retrieved encodedslices, they are checked for errors due to data corruption, outdatedversion, etc. If a slice includes an error, it is flagged as a ‘bad’slice. For encoded data slices that were not received and/or not listed,they are flagged as missing slices. Bad and/or missing slices aresubsequently rebuilt using other retrieved encoded data slices that aredeemed to be good slices to produce rebuilt slices. The rebuilt slicesare stored in memory of the DSTN module 22. Note that the DST integrityprocessing unit 20 may be a separate unit as shown, it may be includedin the DSTN module 22, it may be included in the DST processing unit 16,and/or distributed among the DST execution units 36.

To support distributed task processing on received data, the distributedcomputing system 10 has two primary operations: DST (distributed storageand/or task processing) management and DST execution on received data(an example of which will be discussed with reference to FIGS. 3-19).With respect to the storage portion of the DST management, the DSTNmanaging unit 18 functions as previously described. With respect to thetasking processing of the DST management, the DSTN managing unit 18performs distributed task processing (DTP) management services. One suchDTP management service includes the DSTN managing unit 18 establishingDTP parameters (e.g., user-vault affiliation information, billinginformation, user-task information, etc.) for a user device 12-14individually or as part of a group of user devices.

Another DTP management service includes the DSTN managing unit 18performing DTP network operations, network administration (which isessentially the same as described above), and/or network maintenance(which is essentially the same as described above). Network operationsinclude, but are not limited to, authenticating user task processingrequests (e.g., valid request, valid user, etc.), authenticating resultsand/or partial results, establishing DTP authentication credentials foruser devices, adding/deleting components (e.g., user devices, DSTexecution units, and/or DST processing units) from the distributedcomputing system, and/or establishing DTP authentication credentials forDST execution units.

To support distributed task processing on stored data, the distributedcomputing system 10 has two primary operations: DST (distributed storageand/or task) management and DST execution on stored data. With respectto the DST execution on stored data, if the second type of user device14 has a task request 38 for execution by the DSTN module 22, it sendsthe task request 38 to the DST processing unit 16 via its interface 30.An example of DST execution on stored data will be discussed in greaterdetail with reference to FIGS. 27-39. With respect to the DSTmanagement, it is substantially similar to the DST management to supportdistributed task processing on received data.

FIG. 2 is a schematic block diagram of an embodiment of a computing core26 that includes a processing module 50, a memory controller 52, mainmemory 54, a video graphics processing unit 55, an input/output (TO)controller 56, a peripheral component interconnect (PCI) interface 58,an IO interface module 60, at least one IO device interface module 62, aread only memory (ROM) basic input output system (BIOS) 64, and one ormore memory interface modules. The one or more memory interfacemodule(s) includes one or more of a universal serial bus (USB) interfacemodule 66, a host bus adapter (HBA) interface module 68, a networkinterface module 70, a flash interface module 72, a hard drive interfacemodule 74, and a DSTN interface module 76.

The DSTN interface module 76 functions to mimic a conventional operatingsystem (OS) file system interface (e.g., network file system (NFS),flash file system (FFS), disk file system (DFS), file transfer protocol(FTP), web-based distributed authoring and versioning (WebDAV), etc.)and/or a block memory interface (e.g., small computer system interface(SCSI), internet small computer system interface (iSCSI), etc.). TheDSTN interface module 76 and/or the network interface module 70 mayfunction as the interface 30 of the user device 14 of FIG. 1. Furthernote that the IO device interface module 62 and/or the memory interfacemodules may be collectively or individually referred to as IO ports.

FIG. 3 is a diagram of an example of the distributed computing systemperforming a distributed storage and task processing operation. Thedistributed computing system includes a DST (distributed storage and/ortask) client module 34 (which may be in user device 14 and/or in DSTprocessing unit 16 of FIG. 1), a network 24, a plurality of DSTexecution units 1-n that includes two or more DST execution units 36 ofFIG. 1 (which form at least a portion of DSTN module 22 of FIG. 1), aDST managing module (not shown), and a DST integrity verification module(not shown). The DST client module 34 includes an outbound DSTprocessing section 80 and an inbound DST processing section 82. Each ofthe DST execution units 1-n includes a controller 86, a processingmodule 84, memory 88, a DT (distributed task) execution module 90, and aDST client module 34.

In an example of operation, the DST client module 34 receives data 92and one or more tasks 94 to be performed upon the data 92. The data 92may be of any size and of any content, where, due to the size (e.g.,greater than a few Terabytes), the content (e.g., secure data, etc.),and/or task(s) (e.g., MIPS intensive), distributed processing of thetask(s) on the data is desired. For example, the data 92 may be one ormore digital books, a copy of a company's emails, a large-scale Internetsearch, a video security file, one or more entertainment video files(e.g., television programs, movies, etc.), data files, and/or any otherlarge amount of data (e.g., greater than a few Terabytes).

Within the DST client module 34, the outbound DST processing section 80receives the data 92 and the task(s) 94. The outbound DST processingsection 80 processes the data 92 to produce slice groupings 96. As anexample of such processing, the outbound DST processing section 80partitions the data 92 into a plurality of data partitions. For eachdata partition, the outbound DST processing section 80 dispersed storage(DS) error encodes the data partition to produce encoded data slices andgroups the encoded data slices into a slice grouping 96. In addition,the outbound DST processing section 80 partitions the task 94 intopartial tasks 98, where the number of partial tasks 98 may correspond tothe number of slice groupings 96.

The outbound DST processing section 80 then sends, via the network 24,the slice groupings 96 and the partial tasks 98 to the DST executionunits 1-n of the DSTN module 22 of FIG. 1. For example, the outbound DSTprocessing section 80 sends slice group 1 and partial task 1 to DSTexecution unit 1. As another example, the outbound DST processingsection 80 sends slice group #n and partial task #n to DST executionunit #n.

Each DST execution unit performs its partial task 98 upon its slicegroup 96 to produce partial results 102. For example, DST execution unit#1 performs partial task #1 on slice group #1 to produce a partialresult #1, for results. As a more specific example, slice group #1corresponds to a data partition of a series of digital books and thepartial task #1 corresponds to searching for specific phrases, recordingwhere the phrase is found, and establishing a phrase count. In this morespecific example, the partial result #1 includes information as to wherethe phrase was found and includes the phrase count.

Upon completion of generating their respective partial results 102, theDST execution units send, via the network 24, their partial results 102to the inbound DST processing section 82 of the DST client module 34.The inbound DST processing section 82 processes the received partialresults 102 to produce a result 104. Continuing with the specificexample of the preceding paragraph, the inbound DST processing section82 combines the phrase count from each of the DST execution units 36 toproduce a total phrase count. In addition, the inbound DST processingsection 82 combines the ‘where the phrase was found’ information fromeach of the DST execution units 36 within their respective datapartitions to produce ‘where the phrase was found’ information for theseries of digital books.

In another example of operation, the DST client module 34 requestsretrieval of stored data within the memory of the DST execution units 36(e.g., memory of the DSTN module). In this example, the task 94 isretrieve data stored in the memory of the DSTN module. Accordingly, theoutbound DST processing section 80 converts the task 94 into a pluralityof partial tasks 98 and sends the partial tasks 98 to the respective DSTexecution units 1-n.

In response to the partial task 98 of retrieving stored data, a DSTexecution unit 36 identifies the corresponding encoded data slices 100and retrieves them. For example, DST execution unit #1 receives partialtask #1 and retrieves, in response thereto, retrieved slices #1. The DSTexecution units 36 send their respective retrieved slices 100 to theinbound DST processing section 82 via the network 24.

The inbound DST processing section 82 converts the retrieved slices 100into data 92. For example, the inbound DST processing section 82de-groups the retrieved slices 100 to produce encoded slices per datapartition. The inbound DST processing section 82 then DS error decodesthe encoded slices per data partition to produce data partitions. Theinbound DST processing section 82 de-partitions the data partitions torecapture the data 92.

FIG. 4 is a schematic block diagram of an embodiment of an outbounddistributed storage and/or task (DST) processing section 80 of a DSTclient module 34 FIG. 1 coupled to a DSTN module 22 of a FIG. 1 (e.g., aplurality of n DST execution units 36) via a network 24. The outboundDST processing section 80 includes a data partitioning module 110, adispersed storage (DS) error encoding module 112, a grouping selectormodule 114, a control module 116, and a distributed task control module118.

In an example of operation, the data partitioning module 110 partitionsdata 92 into a plurality of data partitions 120. The number ofpartitions and the size of the partitions may be selected by the controlmodule 116 via control 160 based on the data 92 (e.g., its size, itscontent, etc.), a corresponding task 94 to be performed (e.g., simple,complex, single step, multiple steps, etc.), DS encoding parameters(e.g., pillar width, decode threshold, write threshold, segment securityparameters, slice security parameters, etc.), capabilities of the DSTexecution units 36 (e.g., processing resources, availability ofprocessing recourses, etc.), and/or as may be inputted by a user, systemadministrator, or other operator (human or automated). For example, thedata partitioning module 110 partitions the data 92 (e.g., 100Terabytes) into 100,000 data segments, each being 1 Gigabyte in size.Alternatively, the data partitioning module 110 partitions the data 92into a plurality of data segments, where some of data segments are of adifferent size, are of the same size, or a combination thereof.

The DS error encoding module 112 receives the data partitions 120 in aserial manner, a parallel manner, and/or a combination thereof. For eachdata partition 120, the DS error encoding module 112 DS error encodesthe data partition 120 in accordance with control information 160 fromthe control module 116 to produce encoded data slices 122. The DS errorencoding includes segmenting the data partition into data segments,segment security processing (e.g., encryption, compression,watermarking, integrity check (e.g., CRC), etc.), error encoding,slicing, and/or per slice security processing (e.g., encryption,compression, watermarking, integrity check (e.g., CRC), etc.). Thecontrol information 160 indicates which steps of the DS error encodingare active for a given data partition and, for active steps, indicatesthe parameters for the step. For example, the control information 160indicates that the error encoding is active and includes error encodingparameters (e.g., pillar width, decode threshold, write threshold, readthreshold, type of error encoding, etc.).

The grouping selector module 114 groups the encoded slices 122 of a datapartition into a set of slice groupings 96. The number of slicegroupings corresponds to the number of DST execution units 36 identifiedfor a particular task 94. For example, if five DST execution units 36are identified for the particular task 94, the grouping selector modulegroups the encoded slices 122 of a data partition into five slicegroupings 96. The grouping selector module 114 outputs the slicegroupings 96 to the corresponding DST execution units 36 via the network24.

The distributed task control module 118 receives the task 94 andconverts the task 94 into a set of partial tasks 98. For example, thedistributed task control module 118 receives a task to find where in thedata (e.g., a series of books) a phrase occurs and a total count of thephrase usage in the data. In this example, the distributed task controlmodule 118 replicates the task 94 for each DST execution unit 36 toproduce the partial tasks 98. In another example, the distributed taskcontrol module 118 receives a task to find where in the data a firstphrase occurs, wherein in the data a second phrase occurs, and a totalcount for each phrase usage in the data. In this example, thedistributed task control module 118 generates a first set of partialtasks 98 for finding and counting the first phrase and a second set ofpartial tasks for finding and counting the second phrase. Thedistributed task control module 118 sends respective first and/or secondpartial tasks 98 to each DST execution unit 36.

FIG. 5 is a logic diagram of an example of a method for outbounddistributed storage and task (DST) processing that begins at step 126where a DST client module receives data and one or more correspondingtasks. The method continues at step 128 where the DST client moduledetermines a number of DST units to support the task for one or moredata partitions. For example, the DST client module may determine thenumber of DST units to support the task based on the size of the data,the requested task, the content of the data, a predetermined number(e.g., user indicated, system administrator determined, etc.), availableDST units, capability of the DST units, and/or any other factorregarding distributed task processing of the data. The DST client modulemay select the same DST units for each data partition, may selectdifferent DST units for the data partitions, or a combination thereof.

The method continues at step 130 where the DST client module determinesprocessing parameters of the data based on the number of DST unitsselected for distributed task processing. The processing parametersinclude data partitioning information, DS encoding parameters, and/orslice grouping information. The data partitioning information includes anumber of data partitions, size of each data partition, and/ororganization of the data partitions (e.g., number of data blocks in apartition, the size of the data blocks, and arrangement of the datablocks). The DS encoding parameters include segmenting information,segment security information, error encoding information (e.g.,dispersed storage error encoding function parameters including one ormore of pillar width, decode threshold, write threshold, read threshold,generator matrix), slicing information, and/or per slice securityinformation. The slice grouping information includes informationregarding how to arrange the encoded data slices into groups for theselected DST units. As a specific example, if the DST client moduledetermines that five DST units are needed to support the task, then itdetermines that the error encoding parameters include a pillar width offive and a decode threshold of three.

The method continues at step 132 where the DST client module determinestask partitioning information (e.g., how to partition the tasks) basedon the selected DST units and data processing parameters. The dataprocessing parameters include the processing parameters and DST unitcapability information. The DST unit capability information includes thenumber of DT (distributed task) execution units, execution capabilitiesof each DT execution unit (e.g., MIPS capabilities, processing resources(e.g., quantity and capability of microprocessors, CPUs, digital signalprocessors, co-processor, microcontrollers, arithmetic logic circuitry,and/or any other analog and/or digital processing circuitry),availability of the processing resources, memory information (e.g.,type, size, availability, etc.), and/or any information germane toexecuting one or more tasks.

The method continues at step 134 where the DST client module processesthe data in accordance with the processing parameters to produce slicegroupings. The method continues at step 136 where the DST client modulepartitions the task based on the task partitioning information toproduce a set of partial tasks. The method continues at step 138 wherethe DST client module sends the slice groupings and the correspondingpartial tasks to respective DST units.

FIG. 6 is a schematic block diagram of an embodiment of the dispersedstorage (DS) error encoding module 112 of an outbound distributedstorage and task (DST) processing section. The DS error encoding module112 includes a segment processing module 142, a segment securityprocessing module 144, an error encoding module 146, a slicing module148, and a per slice security processing module 150. Each of thesemodules is coupled to a control module 116 to receive controlinformation 160 therefrom.

In an example of operation, the segment processing module 142 receives adata partition 120 from a data partitioning module and receivessegmenting information as the control information 160 from the controlmodule 116. The segmenting information indicates how the segmentprocessing module 142 is to segment the data partition 120. For example,the segmenting information indicates how many rows to segment the databased on a decode threshold of an error encoding scheme, indicates howmany columns to segment the data into based on a number and size of datablocks within the data partition 120, and indicates how many columns toinclude in a data segment 152. The segment processing module 142segments the data 120 into data segments 152 in accordance with thesegmenting information.

The segment security processing module 144, when enabled by the controlmodule 116, secures the data segments 152 based on segment securityinformation received as control information 160 from the control module116. The segment security information includes data compression,encryption, watermarking, integrity check (e.g., cyclic redundancy check(CRC), etc.), and/or any other type of digital security. For example,when the segment security processing module 144 is enabled, it maycompress a data segment 152, encrypt the compressed data segment, andgenerate a CRC value for the encrypted data segment to produce a securedata segment 154. When the segment security processing module 144 is notenabled, it passes the data segments 152 to the error encoding module146 or is bypassed such that the data segments 152 are provided to theerror encoding module 146.

The error encoding module 146 encodes the secure data segments 154 inaccordance with error correction encoding parameters received as controlinformation 160 from the control module 116. The error correctionencoding parameters (e.g., also referred to as dispersed storage errorcoding parameters) include identifying an error correction encodingscheme (e.g., forward error correction algorithm, a Reed-Solomon basedalgorithm, an online coding algorithm, an information dispersalalgorithm, etc.), a pillar width, a decode threshold, a read threshold,a write threshold, etc. For example, the error correction encodingparameters identify a specific error correction encoding scheme,specifies a pillar width of five, and specifies a decode threshold ofthree. From these parameters, the error encoding module 146 encodes adata segment 154 to produce an encoded data segment 156.

The slicing module 148 slices the encoded data segment 156 in accordancewith the pillar width of the error correction encoding parametersreceived as control information 160. For example, if the pillar width isfive, the slicing module 148 slices an encoded data segment 156 into aset of five encoded data slices. As such, for a plurality of encodeddata segments 156 for a given data partition, the slicing module outputsa plurality of sets of encoded data slices 158.

The per slice security processing module 150, when enabled by thecontrol module 116, secures each encoded data slice 158 based on slicesecurity information received as control information 160 from thecontrol module 116. The slice security information includes datacompression, encryption, watermarking, integrity check (e.g., CRC,etc.), and/or any other type of digital security. For example, when theper slice security processing module 150 is enabled, it compresses anencoded data slice 158, encrypts the compressed encoded data slice, andgenerates a CRC value for the encrypted encoded data slice to produce asecure encoded data slice 122. When the per slice security processingmodule 150 is not enabled, it passes the encoded data slices 158 or isbypassed such that the encoded data slices 158 are the output of the DSerror encoding module 112. Note that the control module 116 may beomitted and each module stores its own parameters.

FIG. 7 is a diagram of an example of a segment processing of a dispersedstorage (DS) error encoding module. In this example, a segmentprocessing module 142 receives a data partition 120 that includes 45data blocks (e.g., d1-d45), receives segmenting information (i.e.,control information 160) from a control module, and segments the datapartition 120 in accordance with the control information 160 to producedata segments 152. Each data block may be of the same size as other datablocks or of a different size. In addition, the size of each data blockmay be a few bytes to megabytes of data. As previously mentioned, thesegmenting information indicates how many rows to segment the datapartition into, indicates how many columns to segment the data partitioninto, and indicates how many columns to include in a data segment.

In this example, the decode threshold of the error encoding scheme isthree; as such the number of rows to divide the data partition into isthree. The number of columns for each row is set to 15, which is basedon the number and size of data blocks. The data blocks of the datapartition are arranged in rows and columns in a sequential order (i.e.,the first row includes the first 15 data blocks; the second row includesthe second 15 data blocks; and the third row includes the last 15 datablocks).

With the data blocks arranged into the desired sequential order, theyare divided into data segments based on the segmenting information. Inthis example, the data partition is divided into 8 data segments; thefirst 7 include 2 columns of three rows and the last includes 1 columnof three rows. Note that the first row of the 8 data segments is insequential order of the first 15 data blocks; the second row of the 8data segments in sequential order of the second 15 data blocks; and thethird row of the 8 data segments in sequential order of the last 15 datablocks. Note that the number of data blocks, the grouping of the datablocks into segments, and size of the data blocks may vary toaccommodate the desired distributed task processing function.

FIG. 8 is a diagram of an example of error encoding and slicingprocessing of the dispersed error encoding processing the data segmentsof FIG. 7. In this example, data segment 1 includes 3 rows with each rowbeing treated as one word for encoding. As such, data segment 1 includesthree words for encoding: word 1 including data blocks d1 and d2, word 2including data blocks d16 and d17, and word 3 including data blocks d31and d32. Each of data segments 2-7 includes three words where each wordincludes two data blocks. Data segment 8 includes three words where eachword includes a single data block (e.g., d15, d30, and d45).

In operation, an error encoding module 146 and a slicing module 148convert each data segment into a set of encoded data slices inaccordance with error correction encoding parameters as controlinformation 160. More specifically, when the error correction encodingparameters indicate a unity matrix Reed-Solomon based encodingalgorithm, 5 pillars, and decode threshold of 3, the first three encodeddata slices of the set of encoded data slices for a data segment aresubstantially similar to the corresponding word of the data segment. Forinstance, when the unity matrix Reed-Solomon based encoding algorithm isapplied to data segment 1, the content of the first encoded data slice(DS1_d1&2) of the first set of encoded data slices (e.g., correspondingto data segment 1) is substantially similar to content of the first word(e.g., d1 & d2); the content of the second encoded data slice(DS1_d16&17) of the first set of encoded data slices is substantiallysimilar to content of the second word (e.g., d16 & d17); and the contentof the third encoded data slice (DS1_d31&32) of the first set of encodeddata slices is substantially similar to content of the third word (e.g.,d31 & d32).

The content of the fourth and fifth encoded data slices (e.g., ES1_1 andES1_2) of the first set of encoded data slices include error correctiondata based on the first-third words of the first data segment. With suchan encoding and slicing scheme, retrieving any three of the five encodeddata slices allows the data segment to be accurately reconstructed.

The encoding and slicing of data segments 2-7 yield sets of encoded dataslices similar to the set of encoded data slices of data segment 1. Forinstance, the content of the first encoded data slice (DS2_d3&4) of thesecond set of encoded data slices (e.g., corresponding to data segment2) is substantially similar to content of the first word (e.g., d3 &d4); the content of the second encoded data slice (DS2_d18&19) of thesecond set of encoded data slices is substantially similar to content ofthe second word (e.g., d18 & d19); and the content of the third encodeddata slice (DS2_d33&34) of the second set of encoded data slices issubstantially similar to content of the third word (e.g., d33 & d34).The content of the fourth and fifth encoded data slices (e.g., ES1_1 andES1_2) of the second set of encoded data slices includes errorcorrection data based on the first-third words of the second datasegment.

FIG. 9 is a diagram of an example of grouping selection processing of anoutbound distributed storage and task (DST) processing in accordancewith group selection information as control information 160 from acontrol module. Encoded slices for data partition 122 are grouped inaccordance with the control information 160 to produce slice groupings96. In this example, a grouping selection module 114 organizes theencoded data slices into five slice groupings (e.g., one for each DSTexecution unit of a distributed storage and task network (DSTN) module).As a specific example, the grouping selection module 114 creates a firstslice grouping for a DST execution unit #1, which includes first encodedslices of each of the sets of encoded slices. As such, the first DSTexecution unit receives encoded data slices corresponding to data blocks1-15 (e.g., encoded data slices of contiguous data).

The grouping selection module 114 also creates a second slice groupingfor a DST execution unit #2, which includes second encoded slices ofeach of the sets of encoded slices. As such, the second DST executionunit receives encoded data slices corresponding to data blocks 16-30.The grouping selection module 114 further creates a third slice groupingfor DST execution unit #3, which includes third encoded slices of eachof the sets of encoded slices. As such, the third DST execution unitreceives encoded data slices corresponding to data blocks 31-45.

The grouping selection module 114 creates a fourth slice grouping forDST execution unit #4, which includes fourth encoded slices of each ofthe sets of encoded slices. As such, the fourth DST execution unitreceives encoded data slices corresponding to first error encodinginformation (e.g., encoded data slices of error coding (EC) data). Thegrouping selection module 114 further creates a fifth slice grouping forDST execution unit #5, which includes fifth encoded slices of each ofthe sets of encoded slices. As such, the fifth DST execution unitreceives encoded data slices corresponding to second error encodinginformation.

FIG. 10 is a diagram of an example of converting data 92 into slicegroups that expands on the preceding figures. As shown, the data 92 ispartitioned in accordance with a partitioning function 164 into aplurality of data partitions (1-x, where x is an integer greater than4). Each data partition (or chunkset of data) is encoded and groupedinto slice groupings as previously discussed by an encoding and groupingfunction 166. For a given data partition, the slice groupings are sentto distributed storage and task (DST) execution units. From datapartition to data partition, the ordering of the slice groupings to theDST execution units may vary.

For example, the slice groupings of data partition #1 is sent to the DSTexecution units such that the first DST execution receives first encodeddata slices of each of the sets of encoded data slices, whichcorresponds to a first continuous data chunk of the first data partition(e.g., refer to FIG. 9), a second DST execution receives second encodeddata slices of each of the sets of encoded data slices, whichcorresponds to a second continuous data chunk of the first datapartition, etc.

For the second data partition, the slice groupings may be sent to theDST execution units in a different order than it was done for the firstdata partition. For instance, the first slice grouping of the seconddata partition (e.g., slice group 2_1) is sent to the second DSTexecution unit; the second slice grouping of the second data partition(e.g., slice group 2_2) is sent to the third DST execution unit; thethird slice grouping of the second data partition (e.g., slice group2_3) is sent to the fourth DST execution unit; the fourth slice groupingof the second data partition (e.g., slice group 2_4, which includesfirst error coding information) is sent to the fifth DST execution unit;and the fifth slice grouping of the second data partition (e.g., slicegroup 2_5, which includes second error coding information) is sent tothe first DST execution unit.

The pattern of sending the slice groupings to the set of DST executionunits may vary in a predicted pattern, a random pattern, and/or acombination thereof from data partition to data partition. In addition,from data partition to data partition, the set of DST execution unitsmay change. For example, for the first data partition, DST executionunits 1-5 may be used; for the second data partition, DST executionunits 6-10 may be used; for the third data partition, DST executionunits 3-7 may be used; etc. As is also shown, the task is divided intopartial tasks that are sent to the DST execution units in conjunctionwith the slice groupings of the data partitions.

FIG. 11 is a schematic block diagram of an embodiment of a DST(distributed storage and/or task) execution unit that includes aninterface 169, a controller 86, memory 88, one or more DT (distributedtask) execution modules 90, and a DST client module 34. The memory 88 isof sufficient size to store a significant number of encoded data slices(e.g., thousands of slices to hundreds-of-millions of slices) and mayinclude one or more hard drives and/or one or more solid-state memorydevices (e.g., flash memory, DRAM, etc.).

In an example of storing a slice group, the DST execution modulereceives a slice grouping 96 (e.g., slice group #1) via interface 169.The slice grouping 96 includes, per partition, encoded data slices ofcontiguous data or encoded data slices of error coding (EC) data. Forslice group #1, the DST execution module receives encoded data slices ofcontiguous data for partitions #1 and #x (and potentially others between3 and x) and receives encoded data slices of EC data for partitions #2and #3 (and potentially others between 3 and x). Examples of encodeddata slices of contiguous data and encoded data slices of error coding(EC) data are discussed with reference to FIG. 9. The memory 88 storesthe encoded data slices of slice groupings 96 in accordance with memorycontrol information 174 it receives from the controller 86.

The controller 86 (e.g., a processing module, a CPU, etc.) generates thememory control information 174 based on a partial task(s) 98 anddistributed computing information (e.g., user information (e.g., userID, distributed computing permissions, data access permission, etc.),vault information (e.g., virtual memory assigned to user, user group,temporary storage for task processing, etc.), task validationinformation, etc.). For example, the controller 86 interprets thepartial task(s) 98 in light of the distributed computing information todetermine whether a requestor is authorized to perform the task 98, isauthorized to access the data, and/or is authorized to perform the taskon this particular data. When the requestor is authorized, thecontroller 86 determines, based on the task 98 and/or another input,whether the encoded data slices of the slice grouping 96 are to betemporarily stored or permanently stored. Based on the foregoing, thecontroller 86 generates the memory control information 174 to write theencoded data slices of the slice grouping 96 into the memory 88 and toindicate whether the slice grouping 96 is permanently stored ortemporarily stored.

With the slice grouping 96 stored in the memory 88, the controller 86facilitates execution of the partial task(s) 98. In an example, thecontroller 86 interprets the partial task 98 in light of thecapabilities of the DT execution module(s) 90. The capabilities includeone or more of MIPS capabilities, processing resources (e.g., quantityand capability of microprocessors, CPUs, digital signal processors,co-processor, microcontrollers, arithmetic logic circuitry, and/or anyother analog and/or digital processing circuitry), availability of theprocessing resources, etc. If the controller 86 determines that the DTexecution module(s) 90 have sufficient capabilities, it generates taskcontrol information 176.

The task control information 176 may be a generic instruction (e.g.,perform the task on the stored slice grouping) or a series ofoperational codes. In the former instance, the DT execution module 90includes a co-processor function specifically configured (fixed orprogrammed) to perform the desired task 98. In the latter instance, theDT execution module 90 includes a general processor topology where thecontroller stores an algorithm corresponding to the particular task 98.In this instance, the controller 86 provides the operational codes(e.g., assembly language, source code of a programming language, objectcode, etc.) of the algorithm to the DT execution module 90 forexecution.

Depending on the nature of the task 98, the DT execution module 90 maygenerate intermediate partial results 102 that are stored in the memory88 or in a cache memory (not shown) within the DT execution module 90.In either case, when the DT execution module 90 completes execution ofthe partial task 98, it outputs one or more partial results 102. Thepartial results 102 may also be stored in memory 88.

If, when the controller 86 is interpreting whether capabilities of theDT execution module(s) 90 can support the partial task 98, thecontroller 86 determines that the DT execution module(s) 90 cannotadequately support the task 98 (e.g., does not have the right resources,does not have sufficient available resources, available resources wouldbe too slow, etc.), it then determines whether the partial task 98should be fully offloaded or partially offloaded.

If the controller 86 determines that the partial task 98 should be fullyoffloaded, it generates DST control information 178 and provides it tothe DST client module 34. The DST control information 178 includes thepartial task 98, memory storage information regarding the slice grouping96, and distribution instructions. The distribution instructionsinstruct the DST client module 34 to divide the partial task 98 intosub-partial tasks 172, to divide the slice grouping 96 into sub-slicegroupings 170, and identify other DST execution units. The DST clientmodule 34 functions in a similar manner as the DST client module 34 ofFIGS. 3-10 to produce the sub-partial tasks 172 and the sub-slicegroupings 170 in accordance with the distribution instructions.

The DST client module 34 receives DST feedback 168 (e.g., sub-partialresults), via the interface 169, from the DST execution units to whichthe task was offloaded. The DST client module 34 provides thesub-partial results to the DST execution unit, which processes thesub-partial results to produce the partial result(s) 102.

If the controller 86 determines that the partial task 98 should bepartially offloaded, it determines what portion of the task 98 and/orslice grouping 96 should be processed locally and what should beoffloaded. For the portion that is being locally processed, thecontroller 86 generates task control information 176 as previouslydiscussed. For the portion that is being offloaded, the controller 86generates DST control information 178 as previously discussed.

When the DST client module 34 receives DST feedback 168 (e.g.,sub-partial results) from the DST executions units to which a portion ofthe task was offloaded, it provides the sub-partial results to the DTexecution module 90. The DT execution module 90 processes thesub-partial results with the sub-partial results it created to producethe partial result(s) 102.

The memory 88 may be further utilized to retrieve one or more of storedslices 100, stored results 104, partial results 102 when the DTexecution module 90 stores partial results 102 and/or results 104 in thememory 88. For example, when the partial task 98 includes a retrievalrequest, the controller 86 outputs the memory control 174 to the memory88 to facilitate retrieval of slices 100 and/or results 104.

FIG. 12 is a schematic block diagram of an example of operation of adistributed storage and task (DST) execution unit storing encoded dataslices and executing a task thereon. To store the encoded data slices ofa partition 1 of slice grouping 1, a controller 86 generates writecommands as memory control information 174 such that the encoded slicesare stored in desired locations (e.g., permanent or temporary) withinmemory 88.

Once the encoded slices are stored, the controller 86 provides taskcontrol information 176 to a distributed task (DT) execution module 90.As a first step of executing the task in accordance with the taskcontrol information 176, the DT execution module 90 retrieves theencoded slices from memory 88. The DT execution module 90 thenreconstructs contiguous data blocks of a data partition. As shown forthis example, reconstructed contiguous data blocks of data partition 1include data blocks 1-15 (e.g., d1-d15).

With the contiguous data blocks reconstructed, the DT execution module90 performs the task on the reconstructed contiguous data blocks. Forexample, the task may be to search the reconstructed contiguous datablocks for a particular word or phrase, identify where in thereconstructed contiguous data blocks the particular word or phraseoccurred, and/or count the occurrences of the particular word or phraseon the reconstructed contiguous data blocks. The DST execution unitcontinues in a similar manner for the encoded data slices of otherpartitions in slice grouping 1. Note that with using the unity matrixerror encoding scheme previously discussed, if the encoded data slicesof contiguous data are uncorrupted, the decoding of them is a relativelystraightforward process of extracting the data.

If, however, an encoded data slice of contiguous data is corrupted (ormissing), it can be rebuilt by accessing other DST execution units thatare storing the other encoded data slices of the set of encoded dataslices of the corrupted encoded data slice. In this instance, the DSTexecution unit having the corrupted encoded data slices retrieves atleast three encoded data slices (of contiguous data and of error codingdata) in the set from the other DST execution units (recall for thisexample, the pillar width is 5 and the decode threshold is 3). The DSTexecution unit decodes the retrieved data slices using the DS errorencoding parameters to recapture the corresponding data segment. The DSTexecution unit then re-encodes the data segment using the DS errorencoding parameters to rebuild the corrupted encoded data slice. Oncethe encoded data slice is rebuilt, the DST execution unit functions aspreviously described.

FIG. 13 is a schematic block diagram of an embodiment of an inbounddistributed storage and/or task (DST) processing section 82 of a DSTclient module coupled to DST execution units of a distributed storageand task network (DSTN) module via a network 24. The inbound DSTprocessing section 82 includes a de-grouping module 180, a DS (dispersedstorage) error decoding module 182, a data de-partitioning module 184, acontrol module 186, and a distributed task control module 188. Note thatthe control module 186 and/or the distributed task control module 188may be separate modules from corresponding ones of outbound DSTprocessing section or may be the same modules.

In an example of operation, the DST execution units have completedexecution of corresponding partial tasks on the corresponding slicegroupings to produce partial results 102. The inbound DST processingsection 82 receives the partial results 102 via the distributed taskcontrol module 188. The inbound DST processing section 82 then processesthe partial results 102 to produce a final result, or results 104. Forexample, if the task was to find a specific word or phrase within data,the partial results 102 indicate where in each of the prescribedportions of the data the corresponding DST execution units found thespecific word or phrase. The distributed task control module 188combines the individual partial results 102 for the correspondingportions of the data into a final result 104 for the data as a whole.

In another example of operation, the inbound DST processing section 82is retrieving stored data from the DST execution units (i.e., the DSTNmodule). In this example, the DST execution units output encoded dataslices 100 corresponding to the data retrieval requests. The de-groupingmodule 180 receives retrieved slices 100 and de-groups them to produceencoded data slices per data partition 122. The DS error decoding module182 decodes, in accordance with DS error encoding parameters, theencoded data slices per data partition 122 to produce data partitions120.

The data de-partitioning module 184 combines the data partitions 120into the data 92. The control module 186 controls the conversion ofretrieved slices 100 into the data 92 using control signals 190 to eachof the modules. For instance, the control module 186 providesde-grouping information to the de-grouping module 180, provides the DSerror encoding parameters to the DS error decoding module 182, andprovides de-partitioning information to the data de-partitioning module184.

FIG. 14 is a logic diagram of an example of a method that is executableby distributed storage and task (DST) client module regarding inboundDST processing. The method begins at step 194 where the DST clientmodule receives partial results. The method continues at step 196 wherethe DST client module retrieves the task corresponding to the partialresults. For example, the partial results include header informationthat identifies the requesting entity, which correlates to the requestedtask.

The method continues at step 198 where the DST client module determinesresult processing information based on the task. For example, if thetask were to identify a particular word or phrase within the data, theresult processing information would indicate to aggregate the partialresults for the corresponding portions of the data to produce the finalresult. As another example, if the task were to count the occurrences ofa particular word or phrase within the data, results of processing theinformation would indicate to add the partial results to produce thefinal results. The method continues at step 200 where the DST clientmodule processes the partial results in accordance with the resultprocessing information to produce the final result or results.

FIG. 15 is a diagram of an example of de-grouping selection processingof an inbound distributed storage and task (DST) processing section of aDST client module. In general, this is an inverse process of thegrouping module of the outbound DST processing section of FIG. 9.Accordingly, for each data partition (e.g., partition #1), thede-grouping module retrieves the corresponding slice grouping from theDST execution units (EU) (e.g., DST 1-5).

As shown, DST execution unit #1 provides a first slice grouping, whichincludes the first encoded slices of each of the sets of encoded slices(e.g., encoded data slices of contiguous data of data blocks 1-15); DSTexecution unit #2 provides a second slice grouping, which includes thesecond encoded slices of each of the sets of encoded slices (e.g.,encoded data slices of contiguous data of data blocks 16-30); DSTexecution unit #3 provides a third slice grouping, which includes thethird encoded slices of each of the sets of encoded slices (e.g.,encoded data slices of contiguous data of data blocks 31-45); DSTexecution unit #4 provides a fourth slice grouping, which includes thefourth encoded slices of each of the sets of encoded slices (e.g., firstencoded data slices of error coding (EC) data); and DST execution unit#5 provides a fifth slice grouping, which includes the fifth encodedslices of each of the sets of encoded slices (e.g., first encoded dataslices of error coding (EC) data).

The de-grouping module de-groups the slice groupings (e.g., receivedslices 100) using a de-grouping selector 180 controlled by a controlsignal 190 as shown in the example to produce a plurality of sets ofencoded data slices (e.g., retrieved slices for a partition into sets ofslices 122). Each set corresponding to a data segment of the datapartition.

FIG. 16 is a schematic block diagram of an embodiment of a dispersedstorage (DS) error decoding module 182 of an inbound distributed storageand task (DST) processing section. The DS error decoding module 182includes an inverse per slice security processing module 202, ade-slicing module 204, an error decoding module 206, an inverse segmentsecurity module 208, a de-segmenting processing module 210, and acontrol module 186.

In an example of operation, the inverse per slice security processingmodule 202, when enabled by the control module 186, unsecures eachencoded data slice 122 based on slice de-security information receivedas control information 190 (e.g., the compliment of the slice securityinformation discussed with reference to FIG. 6) received from thecontrol module 186. The slice security information includes datadecompression, decryption, de-watermarking, integrity check (e.g., CRCverification, etc.), and/or any other type of digital security. Forexample, when the inverse per slice security processing module 202 isenabled, it verifies integrity information (e.g., a CRC value) of eachencoded data slice 122, it decrypts each verified encoded data slice,and decompresses each decrypted encoded data slice to produce sliceencoded data 158. When the inverse per slice security processing module202 is not enabled, it passes the encoded data slices 122 as the slicedencoded data 158 or is bypassed such that the retrieved encoded dataslices 122 are provided as the sliced encoded data 158.

The de-slicing module 204 de-slices the sliced encoded data 158 intoencoded data segments 156 in accordance with a pillar width of the errorcorrection encoding parameters received as control information 190 fromthe control module 186. For example, if the pillar width is five, thede-slicing module 204 de-slices a set of five encoded data slices intoan encoded data segment 156. The error decoding module 206 decodes theencoded data segments 156 in accordance with error correction decodingparameters received as control information 190 from the control module186 to produce secure data segments 154. The error correction decodingparameters include identifying an error correction encoding scheme(e.g., forward error correction algorithm, a Reed-Solomon basedalgorithm, an information dispersal algorithm, etc.), a pillar width, adecode threshold, a read threshold, a write threshold, etc. For example,the error correction decoding parameters identify a specific errorcorrection encoding scheme, specify a pillar width of five, and specifya decode threshold of three.

The inverse segment security processing module 208, when enabled by thecontrol module 186, unsecures the secured data segments 154 based onsegment security information received as control information 190 fromthe control module 186. The segment security information includes datadecompression, decryption, de-watermarking, integrity check (e.g., CRC,etc.) verification, and/or any other type of digital security. Forexample, when the inverse segment security processing module 208 isenabled, it verifies integrity information (e.g., a CRC value) of eachsecure data segment 154, it decrypts each verified secured data segment,and decompresses each decrypted secure data segment to produce a datasegment 152. When the inverse segment security processing module 208 isnot enabled, it passes the decoded data segment 154 as the data segment152 or is bypassed.

The de-segment processing module 210 receives the data segments 152 andreceives de-segmenting information as control information 190 from thecontrol module 186. The de-segmenting information indicates how thede-segment processing module 210 is to de-segment the data segments 152into a data partition 120. For example, the de-segmenting informationindicates how the rows and columns of data segments are to be rearrangedto yield the data partition 120.

FIG. 17 is a diagram of an example of de-slicing and error decodingprocessing of a dispersed error decoding module. A de-slicing module 204receives at least a decode threshold number of encoded data slices 158for each data segment in accordance with control information 190 andprovides encoded data 156. In this example, a decode threshold is three.As such, each set of encoded data slices 158 is shown to have threeencoded data slices per data segment. The de-slicing module 204 mayreceive three encoded data slices per data segment because an associateddistributed storage and task (DST) client module requested retrievingonly three encoded data slices per segment or selected three of theretrieved encoded data slices per data segment. As shown, which is basedon the unity matrix encoding previously discussed with reference to FIG.8, an encoded data slice may be a data-based encoded data slice (e.g.,DS1_d1&d2) or an error code based encoded data slice (e.g., ES3_1).

An error decoding module 206 decodes the encoded data 156 of each datasegment in accordance with the error correction decoding parameters ofcontrol information 190 to produce secured segments 154. In thisexample, data segment 1 includes 3 rows with each row being treated asone word for encoding. As such, data segment 1 includes three words:word 1 including data blocks d1 and d2, word 2 including data blocks d16and d17, and word 3 including data blocks d31 and d32. Each of datasegments 2-7 includes three words where each word includes two datablocks. Data segment 8 includes three words where each word includes asingle data block (e.g., d15, d30, and d45).

FIG. 18 is a diagram of an example of de-segment processing of aninbound distributed storage and task (DST) processing. In this example,a de-segment processing module 210 receives data segments 152 (e.g.,1-8) and rearranges the data blocks of the data segments into rows andcolumns in accordance with de-segmenting information of controlinformation 190 to produce a data partition 120. Note that the number ofrows is based on the decode threshold (e.g., 3 in this specific example)and the number of columns is based on the number and size of the datablocks.

The de-segmenting module 210 converts the rows and columns of datablocks into the data partition 120. Note that each data block may be ofthe same size as other data blocks or of a different size. In addition,the size of each data block may be a few bytes to megabytes of data.

FIG. 19 is a diagram of an example of converting slice groups into data92 within an inbound distributed storage and task (DST) processingsection. As shown, the data 92 is reconstructed from a plurality of datapartitions (1-x, where x is an integer greater than 4). Each datapartition (or chunk set of data) is decoded and re-grouped using ade-grouping and decoding function 212 and a de-partition function 214from slice groupings as previously discussed. For a given datapartition, the slice groupings (e.g., at least a decode threshold perdata segment of encoded data slices) are received from DST executionunits. From data partition to data partition, the ordering of the slicegroupings received from the DST execution units may vary as discussedwith reference to FIG. 10.

FIG. 20 is a diagram of an example of a distributed storage and/orretrieval within the distributed computing system. The distributedcomputing system includes a plurality of distributed storage and/or task(DST) processing client modules 34 (one shown) coupled to a distributedstorage and/or task processing network (DSTN) module, or multiple DSTNmodules, via a network 24. The DST client module 34 includes an outboundDST processing section 80 and an inbound DST processing section 82. TheDSTN module includes a plurality of DST execution units. Each DSTexecution unit includes a controller 86, memory 88, one or moredistributed task (DT) execution modules 90, and a DST client module 34.

In an example of data storage, the DST client module 34 has data 92 thatit desires to store in the DSTN module. The data 92 may be a file (e.g.,video, audio, text, graphics, etc.), a data object, a data block, anupdate to a file, an update to a data block, etc. In this instance, theoutbound DST processing module 80 converts the data 92 into encoded dataslices 216 as will be further described with reference to FIGS. 21-23.The outbound DST processing module 80 sends, via the network 24, to theDST execution units for storage as further described with reference toFIG. 24.

In an example of data retrieval, the DST client module 34 issues aretrieve request to the DST execution units for the desired data 92. Theretrieve request may address each DST executions units storing encodeddata slices of the desired data, address a decode threshold number ofDST execution units, address a read threshold number of DST executionunits, or address some other number of DST execution units. In responseto the request, each addressed DST execution unit retrieves its encodeddata slices 100 of the desired data and sends them to the inbound DSTprocessing section 82, via the network 24.

When, for each data segment, the inbound DST processing section 82receives at least a decode threshold number of encoded data slices 100,it converts the encoded data slices 100 into a data segment. The inboundDST processing section 82 aggregates the data segments to produce theretrieved data 92.

FIG. 21 is a schematic block diagram of an embodiment of an outbounddistributed storage and/or task (DST) processing section 80 of a DSTclient module coupled to a distributed storage and task network (DSTN)module (e.g., a plurality of DST execution units) via a network 24. Theoutbound DST processing section 80 includes a data partitioning module110, a dispersed storage (DS) error encoding module 112, a groupselection module 114, a control module 116, and a distributed taskcontrol module 118.

In an example of operation, the data partitioning module 110 isby-passed such that data 92 is provided directly to the DS errorencoding module 112. The control module 116 coordinates the by-passingof the data partitioning module 110 by outputting a bypass 220 messageto the data partitioning module 110.

The DS error encoding module 112 receives the data 92 in a serialmanner, a parallel manner, and/or a combination thereof. The DS errorencoding module 112 DS error encodes the data in accordance with controlinformation 160 from the control module 116 to produce encoded dataslices 218. The DS error encoding includes segmenting the data 92 intodata segments, segment security processing (e.g., encryption,compression, watermarking, integrity check (e.g., CRC, etc.)), errorencoding, slicing, and/or per slice security processing (e.g.,encryption, compression, watermarking, integrity check (e.g., CRC,etc.)). The control information 160 indicates which steps of the DSerror encoding are active for the data 92 and, for active steps,indicates the parameters for the step. For example, the controlinformation 160 indicates that the error encoding is active and includeserror encoding parameters (e.g., pillar width, decode threshold, writethreshold, read threshold, type of error encoding, etc.).

The grouping selector module 114 groups the encoded slices 218 of thedata segments into pillars of slices 216. The number of pillarscorresponds to the pillar width of the DS error encoding parameters. Inthis example, the distributed task control module 118 facilitates thestorage request.

FIG. 22 is a schematic block diagram of an example of a dispersedstorage (DS) error encoding module 112 for the example of FIG. 21. TheDS error encoding module 112 includes a segment processing module 142, asegment security processing module 144, an error encoding module 146, aslicing module 148, and a per slice security processing module 150. Eachof these modules is coupled to a control module 116 to receive controlinformation 160 therefrom.

In an example of operation, the segment processing module 142 receivesdata 92 and receives segmenting information as control information 160from the control module 116. The segmenting information indicates howthe segment processing module is to segment the data. For example, thesegmenting information indicates the size of each data segment. Thesegment processing module 142 segments the data 92 into data segments152 in accordance with the segmenting information.

The segment security processing module 144, when enabled by the controlmodule 116, secures the data segments 152 based on segment securityinformation received as control information 160 from the control module116. The segment security information includes data compression,encryption, watermarking, integrity check (e.g., CRC, etc.), and/or anyother type of digital security. For example, when the segment securityprocessing module 144 is enabled, it compresses a data segment 152,encrypts the compressed data segment, and generates a CRC value for theencrypted data segment to produce a secure data segment. When thesegment security processing module 144 is not enabled, it passes thedata segments 152 to the error encoding module 146 or is bypassed suchthat the data segments 152 are provided to the error encoding module146.

The error encoding module 146 encodes the secure data segments inaccordance with error correction encoding parameters received as controlinformation 160 from the control module 116. The error correctionencoding parameters include identifying an error correction encodingscheme (e.g., forward error correction algorithm, a Reed-Solomon basedalgorithm, an information dispersal algorithm, etc.), a pillar width, adecode threshold, a read threshold, a write threshold, etc. For example,the error correction encoding parameters identify a specific errorcorrection encoding scheme, specifies a pillar width of five, andspecifies a decode threshold of three. From these parameters, the errorencoding module 146 encodes a data segment to produce an encoded datasegment.

The slicing module 148 slices the encoded data segment in accordancewith a pillar width of the error correction encoding parameters. Forexample, if the pillar width is five, the slicing module slices anencoded data segment into a set of five encoded data slices. As such,for a plurality of data segments, the slicing module 148 outputs aplurality of sets of encoded data slices as shown within encoding andslicing function 222 as described.

The per slice security processing module 150, when enabled by thecontrol module 116, secures each encoded data slice based on slicesecurity information received as control information 160 from thecontrol module 116. The slice security information includes datacompression, encryption, watermarking, integrity check (e.g., CRC,etc.), and/or any other type of digital security. For example, when theper slice security processing module 150 is enabled, it may compress anencoded data slice, encrypt the compressed encoded data slice, andgenerate a CRC value for the encrypted encoded data slice to produce asecure encoded data slice tweaking. When the per slice securityprocessing module 150 is not enabled, it passes the encoded data slicesor is bypassed such that the encoded data slices 218 are the output ofthe DS error encoding module 112.

FIG. 23 is a diagram of an example of converting data 92 into pillarslice groups utilizing encoding, slicing and pillar grouping function224 for storage in memory of a distributed storage and task network(DSTN) module. As previously discussed the data 92 is encoded and slicedinto a plurality of sets of encoded data slices; one set per datasegment. The grouping selection module organizes the sets of encodeddata slices into pillars of data slices. In this example, the DS errorencoding parameters include a pillar width of 5 and a decode thresholdof 3. As such, for each data segment, 5 encoded data slices are created.

The grouping selection module takes the first encoded data slice of eachof the sets and forms a first pillar, which may be sent to the first DSTexecution unit. Similarly, the grouping selection module creates thesecond pillar from the second slices of the sets; the third pillar fromthe third slices of the sets; the fourth pillar from the fourth slicesof the sets; and the fifth pillar from the fifth slices of the set.

FIG. 24 is a schematic block diagram of an embodiment of a distributedstorage and/or task (DST) execution unit that includes an interface 169,a controller 86, memory 88, one or more distributed task (DT) executionmodules 90, and a DST client module 34. A computing core 26 may beutilized to implement the one or more DT execution modules 90 and theDST client module 34. The memory 88 is of sufficient size to store asignificant number of encoded data slices (e.g., thousands of slices tohundreds-of-millions of slices) and may include one or more hard drivesand/or one or more solid-state memory devices (e.g., flash memory, DRAM,etc.).

In an example of storing a pillar of slices 216, the DST execution unitreceives, via interface 169, a pillar of slices 216 (e.g., pillar #1slices). The memory 88 stores the encoded data slices 216 of the pillarof slices in accordance with memory control information 174 it receivesfrom the controller 86. The controller 86 (e.g., a processing module, aCPU, etc.) generates the memory control information 174 based ondistributed storage information (e.g., user information (e.g., user ID,distributed storage permissions, data access permission, etc.), vaultinformation (e.g., virtual memory assigned to user, user group, etc.),etc.). Similarly, when retrieving slices, the DST execution unitreceives, via interface 169, a slice retrieval request. The memory 88retrieves the slice in accordance with memory control information 174 itreceives from the controller 86. The memory 88 outputs the slice 100,via the interface 169, to a requesting entity.

FIG. 25 is a schematic block diagram of an example of operation of aninbound distributed storage and/or task (DST) processing section 82 forretrieving dispersed error encoded data 92. The inbound DST processingsection 82 includes a de-grouping module 180, a dispersed storage (DS)error decoding module 182, a data de-partitioning module 184, a controlmodule 186, and a distributed task control module 188. Note that thecontrol module 186 and/or the distributed task control module 188 may beseparate modules from corresponding ones of an outbound DST processingsection or may be the same modules.

In an example of operation, the inbound DST processing section 82 isretrieving stored data 92 from the DST execution units (i.e., the DSTNmodule). In this example, the DST execution units output encoded dataslices corresponding to data retrieval requests from the distributedtask control module 188. The de-grouping module 180 receives pillars ofslices 100 and de-groups them in accordance with control information 190from the control module 186 to produce sets of encoded data slices 218.The DS error decoding module 182 decodes, in accordance with the DSerror encoding parameters received as control information 190 from thecontrol module 186, each set of encoded data slices 218 to produce datasegments, which are aggregated into retrieved data 92. The datade-partitioning module 184 is by-passed in this operational mode via abypass signal 226 of control information 190 from the control module186.

FIG. 26 is a schematic block diagram of an embodiment of a dispersedstorage (DS) error decoding module 182 of an inbound distributed storageand task (DST) processing section. The DS error decoding module 182includes an inverse per slice security processing module 202, ade-slicing module 204, an error decoding module 206, an inverse segmentsecurity module 208, and a de-segmenting processing module 210. Thedispersed error decoding module 182 is operable to de-slice and decodeencoded slices per data segment 218 utilizing a de-slicing and decodingfunction 228 to produce a plurality of data segments that arede-segmented utilizing a de-segment function 230 to recover data 92.

In an example of operation, the inverse per slice security processingmodule 202, when enabled by the control module 186 via controlinformation 190, unsecures each encoded data slice 218 based on slicede-security information (e.g., the compliment of the slice securityinformation discussed with reference to FIG. 6) received as controlinformation 190 from the control module 186. The slice de-securityinformation includes data decompression, decryption, de-watermarking,integrity check (e.g., CRC verification, etc.), and/or any other type ofdigital security. For example, when the inverse per slice securityprocessing module 202 is enabled, it verifies integrity information(e.g., a CRC value) of each encoded data slice 218, it decrypts eachverified encoded data slice, and decompresses each decrypted encodeddata slice to produce slice encoded data. When the inverse per slicesecurity processing module 202 is not enabled, it passes the encodeddata slices 218 as the sliced encoded data or is bypassed such that theretrieved encoded data slices 218 are provided as the sliced encodeddata.

The de-slicing module 204 de-slices the sliced encoded data into encodeddata segments in accordance with a pillar width of the error correctionencoding parameters received as control information 190 from a controlmodule 186. For example, if the pillar width is five, the de-slicingmodule de-slices a set of five encoded data slices into an encoded datasegment. Alternatively, the encoded data segment may include just threeencoded data slices (e.g., when the decode threshold is 3).

The error decoding module 206 decodes the encoded data segments inaccordance with error correction decoding parameters received as controlinformation 190 from the control module 186 to produce secure datasegments. The error correction decoding parameters include identifyingan error correction encoding scheme (e.g., forward error correctionalgorithm, a Reed-Solomon based algorithm, an information dispersalalgorithm, etc.), a pillar width, a decode threshold, a read threshold,a write threshold, etc. For example, the error correction decodingparameters identify a specific error correction encoding scheme, specifya pillar width of five, and specify a decode threshold of three.

The inverse segment security processing module 208, when enabled by thecontrol module 186, unsecures the secured data segments based on segmentsecurity information received as control information 190 from thecontrol module 186. The segment security information includes datadecompression, decryption, de-watermarking, integrity check (e.g., CRC,etc.) verification, and/or any other type of digital security. Forexample, when the inverse segment security processing module is enabled,it verifies integrity information (e.g., a CRC value) of each securedata segment, it decrypts each verified secured data segment, anddecompresses each decrypted secure data segment to produce a datasegment 152. When the inverse segment security processing module 208 isnot enabled, it passes the decoded data segment 152 as the data segmentor is bypassed. The de-segmenting processing module 210 aggregates thedata segments 152 into the data 92 in accordance with controlinformation 190 from the control module 186.

FIG. 27 is a schematic block diagram of an example of a distributedstorage and task processing network (DSTN) module that includes aplurality of distributed storage and task (DST) execution units (#1through #n, where, for example, n is an integer greater than or equal tothree). Each of the DST execution units includes a DST client module 34,a controller 86, one or more DT (distributed task) execution modules 90,and memory 88.

In this example, the DSTN module stores, in the memory of the DSTexecution units, a plurality of DS (dispersed storage) encoded data(e.g., 1 through n, where n is an integer greater than or equal to two)and stores a plurality of DS encoded task codes (e.g., 1 through k,where k is an integer greater than or equal to two). The DS encoded datamay be encoded in accordance with one or more examples described withreference to FIGS. 3-19 (e.g., organized in slice groupings) or encodedin accordance with one or more examples described with reference toFIGS. 20-26 (e.g., organized in pillar groups). The data that is encodedinto the DS encoded data may be of any size and/or of any content. Forexample, the data may be one or more digital books, a copy of acompany's emails, a large-scale Internet search, a video security file,one or more entertainment video files (e.g., television programs,movies, etc.), data files, and/or any other large amount of data (e.g.,greater than a few Terabytes).

The tasks that are encoded into the DS encoded task code may be a simplefunction (e.g., a mathematical function, a logic function, an identifyfunction, a find function, a search engine function, a replace function,etc.), a complex function (e.g., compression, human and/or computerlanguage translation, text-to-voice conversion, voice-to-textconversion, etc.), multiple simple and/or complex functions, one or morealgorithms, one or more applications, etc. The tasks may be encoded intothe DS encoded task code in accordance with one or more examplesdescribed with reference to FIGS. 3-19 (e.g., organized in slicegroupings) or encoded in accordance with one or more examples describedwith reference to FIGS. 20-26 (e.g., organized in pillar groups).

In an example of operation, a DST client module of a user device or of aDST processing unit issues a DST request to the DSTN module. The DSTrequest may include a request to retrieve stored data, or a portionthereof, may include a request to store data that is included with theDST request, may include a request to perform one or more tasks onstored data, may include a request to perform one or more tasks on dataincluded with the DST request, etc. In the cases where the DST requestincludes a request to store data or to retrieve data, the client moduleand/or the DSTN module processes the request as previously discussedwith reference to one or more of FIGS. 3-19 (e.g., slice groupings)and/or 20-26 (e.g., pillar groupings). In the case where the DST requestincludes a request to perform one or more tasks on data included withthe DST request, the DST client module and/or the DSTN module processthe DST request as previously discussed with reference to one or more ofFIGS. 3-19.

In the case where the DST request includes a request to perform one ormore tasks on stored data, the DST client module and/or the DSTN moduleprocesses the DST request as will be described with reference to one ormore of FIGS. 28-39. In general, the DST client module identifies dataand one or more tasks for the DSTN module to execute upon the identifieddata. The DST request may be for a one-time execution of the task or foran on-going execution of the task. As an example of the latter, as acompany generates daily emails, the DST request may be to daily searchnew emails for inappropriate content and, if found, record the content,the email sender(s), the email recipient(s), email routing information,notify human resources of the identified email, etc.

FIG. 28 is a schematic block diagram of an example of a distributedcomputing system performing tasks on stored data. In this example, twodistributed storage and task (DST) client modules 1-2 are shown: thefirst may be associated with a user device and the second may beassociated with a DST processing unit or a high priority user device(e.g., high priority clearance user, system administrator, etc.). EachDST client module includes a list of stored data 234 and a list of taskscodes 236. The list of stored data 234 includes one or more entries ofdata identifying information, where each entry identifies data stored inthe DSTN module 22. The data identifying information (e.g., data ID)includes one or more of a data file name, a data file directory listing,DSTN addressing information of the data, a data object identifier, etc.The list of tasks 236 includes one or more entries of task codeidentifying information, when each entry identifies task codes stored inthe DSTN module 22. The task code identifying information (e.g., taskID) includes one or more of a task file name, a task file directorylisting, DSTN addressing information of the task, another type ofidentifier to identify the task, etc.

As shown, the list of data 234 and the list of tasks 236 are eachsmaller in number of entries for the first DST client module than thecorresponding lists of the second DST client module. This may occurbecause the user device associated with the first DST client module hasfewer privileges in the distributed computing system than the deviceassociated with the second DST client module. Alternatively, this mayoccur because the user device associated with the first DST clientmodule serves fewer users than the device associated with the second DSTclient module and is restricted by the distributed computing systemaccordingly. As yet another alternative, this may occur through norestraints by the distributed computing system, it just occurred becausethe operator of the user device associated with the first DST clientmodule has selected fewer data and/or fewer tasks than the operator ofthe device associated with the second DST client module.

In an example of operation, the first DST client module selects one ormore data entries 238 and one or more tasks 240 from its respectivelists (e.g., selected data ID and selected task ID). The first DSTclient module sends its selections to a task distribution module 232.The task distribution module 232 may be within a stand-alone device ofthe distributed computing system, may be within the user device thatcontains the first DST client module, or may be within the DSTN module22.

Regardless of the task distribution module's location, it generates DSTallocation information 242 from the selected task ID 240 and theselected data ID 238. The DST allocation information 242 includes datapartitioning information, task execution information, and/orintermediate result information. The task distribution module 232 sendsthe DST allocation information 242 to the DSTN module 22. Note that oneor more examples of the DST allocation information will be discussedwith reference to one or more of FIGS. 29-39.

The DSTN module 22 interprets the DST allocation information 242 toidentify the stored DS encoded data (e.g., DS error encoded data 2) andto identify the stored DS error encoded task code (e.g., DS errorencoded task code 1). In addition, the DSTN module 22 interprets the DSTallocation information 242 to determine how the data is to bepartitioned and how the task is to be partitioned. The DSTN module 22also determines whether the selected DS error encoded data 238 needs tobe converted from pillar grouping to slice grouping. If so, the DSTNmodule 22 converts the selected DS error encoded data into slicegroupings and stores the slice grouping DS error encoded data byoverwriting the pillar grouping DS error encoded data or by storing itin a different location in the memory of the DSTN module 22 (i.e., doesnot overwrite the pillar grouping DS encoded data).

The DSTN module 22 partitions the data and the task as indicated in theDST allocation information 242 and sends the portions to selected DSTexecution units of the DSTN module 22. Each of the selected DSTexecution units performs its partial task(s) on its slice groupings toproduce partial results. The DSTN module 22 collects the partial resultsfrom the selected DST execution units and provides them, as resultinformation 244, to the task distribution module. The result information244 may be the collected partial results, one or more final results asproduced by the DSTN module 22 from processing the partial results inaccordance with the DST allocation information 242, or one or moreintermediate results as produced by the DSTN module 22 from processingthe partial results in accordance with the DST allocation information242.

The task distribution module 232 receives the result information 244 andprovides one or more final results 104 therefrom to the first DST clientmodule. The final result(s) 104 may be result information 244 or aresult(s) of the task distribution module's processing of the resultinformation 244.

In concurrence with processing the selected task of the first DST clientmodule, the distributed computing system may process the selectedtask(s) of the second DST client module on the selected data(s) of thesecond DST client module. Alternatively, the distributed computingsystem may process the second DST client module's request subsequent to,or preceding, that of the first DST client module. Regardless of theordering and/or parallel processing of the DST client module requests,the second DST client module provides its selected data 238 and selectedtask 240 to a task distribution module 232. If the task distributionmodule 232 is a separate device of the distributed computing system orwithin the DSTN module, the task distribution modules 232 coupled to thefirst and second DST client modules may be the same module. The taskdistribution module 232 processes the request of the second DST clientmodule in a similar manner as it processed the request of the first DSTclient module.

FIG. 29 is a schematic block diagram of an embodiment of a taskdistribution module 232 facilitating the example of FIG. 28. The taskdistribution module 232 includes a plurality of tables it uses togenerate distributed storage and task (DST) allocation information 242for selected data and selected tasks received from a DST client module.The tables include data storage information 248, task storageinformation 250, distributed task (DT) execution module information 252,and task ⇔ sub-task mapping information 246.

The data storage information table 248 includes a data identification(ID) field 260, a data size field 262, an addressing information field264, distributed storage (DS) information 266, and may further includeother information regarding the data, how it is stored, and/or how itcan be processed. For example, DS encoded data #1 has a data ID of 1, adata size of AA (e.g., a byte size of a few Terabytes or more),addressing information of Addr_1_AA, and DS parameters of 3/5; SEG_1;and SLC_1. In this example, the addressing information may be a virtualaddress corresponding to the virtual address of the first storage word(e.g., one or more bytes) of the data and information on how tocalculate the other addresses, may be a range of virtual addresses forthe storage words of the data, physical addresses of the first storageword or the storage words of the data, may be a list of slice names ofthe encoded data slices of the data, etc. The DS parameters may includeidentity of an error encoding scheme, decode threshold/pillar width(e.g., 3/5 for the first data entry), segment security information(e.g., SEG_1), per slice security information (e.g., SLC_1), and/or anyother information regarding how the data was encoded into data slices.

The task storage information table 250 includes a task identification(ID) field 268, a task size field 270, an addressing information field272, distributed storage (DS) information 274, and may further includeother information regarding the task, how it is stored, and/or how itcan be used to process data. For example, DS encoded task #2 has a taskID of 2, a task size of XY, addressing information of Addr_2_XY, and DSparameters of 3/5; SEG_2; and SLC_2. In this example, the addressinginformation may be a virtual address corresponding to the virtualaddress of the first storage word (e.g., one or more bytes) of the taskand information on how to calculate the other addresses, may be a rangeof virtual addresses for the storage words of the task, physicaladdresses of the first storage word or the storage words of the task,may be a list of slice names of the encoded slices of the task code,etc. The DS parameters may include identity of an error encoding scheme,decode threshold/pillar width (e.g., 3/5 for the first data entry),segment security information (e.g., SEG_2), per slice securityinformation (e.g., SLC_2), and/or any other information regarding howthe task was encoded into encoded task slices. Note that the segmentand/or the per-slice security information include a type of encryption(if enabled), a type of compression (if enabled), watermarkinginformation (if enabled), and/or an integrity check scheme (if enabled).

The task ⇔ sub-task mapping information table 246 includes a task field256 and a sub-task field 258. The task field 256 identifies a taskstored in the memory of a distributed storage and task network (DSTN)module and the corresponding sub-task fields 258 indicates whether thetask includes sub-tasks and, if so, how many and if any of the sub-tasksare ordered. In this example, the task ⇔ sub-task mapping informationtable 246 includes an entry for each task stored in memory of the DSTNmodule (e.g., task 1 through task k). In particular, this exampleindicates that task 1 includes 7 sub-tasks; task 2 does not includesub-tasks, and task k includes r number of sub-tasks (where r is aninteger greater than or equal to two).

The DT execution module table 252 includes a DST execution unit ID field276, a DT execution module ID field 278, and a DT execution modulecapabilities field 280. The DST execution unit ID field 276 includes theidentity of DST units in the DSTN module. The DT execution module IDfield 278 includes the identity of each DT execution unit in each DSTunit. For example, DST unit 1 includes three DT executions modules(e.g., 1_1, 1_2, and 1_3). The DT execution capabilities field 280includes identity of the capabilities of the corresponding DT executionunit. For example, DT execution module 1_1 includes capabilities X,where X includes one or more of MIPS capabilities, processing resources(e.g., quantity and capability of microprocessors, CPUs, digital signalprocessors, co-processor, microcontrollers, arithmetic logic circuitry,and/or any other analog and/or digital processing circuitry),availability of the processing resources, memory information (e.g.,type, size, availability, etc.), and/or any information germane toexecuting one or more tasks.

From these tables, the task distribution module 232 generates the DSTallocation information 242 to indicate where the data is stored, how topartition the data, where the task is stored, how to partition the task,which DT execution units should perform which partial task on which datapartitions, where and how intermediate results are to be stored, etc. Ifmultiple tasks are being performed on the same data or different data,the task distribution module factors such information into itsgeneration of the DST allocation information.

FIG. 30 is a diagram of a specific example of a distributed computingsystem performing tasks on stored data as a task flow 318. In thisexample, selected data 92 is data 2 and selected tasks are tasks 1, 2,and 3. Task 1 corresponds to analyzing translation of data from onelanguage to another (e.g., human language or computer language); task 2corresponds to finding specific words and/or phrases in the data; andtask 3 corresponds to finding specific translated words and/or phrasesin translated data.

In this example, task 1 includes 7 sub-tasks: task 1_1—identifynon-words (non-ordered); task 1_2—identify unique words (non-ordered);task 1_3—translate (non-ordered); task 1_4—translate back (ordered aftertask 1_3); task 1_5—compare to ID errors (ordered after task 1-4); task1_6—determine non-word translation errors (ordered after task 1_5 and1_1); and task 1_7—determine correct translations (ordered after 1_5 and1_2). The sub-task further indicates whether they are an ordered task(i.e., are dependent on the outcome of another task) or non-order (i.e.,are independent of the outcome of another task). Task 2 does not includesub-tasks and task 3 includes two sub-tasks: task 3_1 translate; andtask 3_2 find specific word or phrase in translated data.

In general, the three tasks collectively are selected to analyze datafor translation accuracies, translation errors, translation anomalies,occurrence of specific words or phrases in the data, and occurrence ofspecific words or phrases on the translated data. Graphically, the data92 is translated 306 into translated data 282; is analyzed for specificwords and/or phrases 300 to produce a list of specific words and/orphrases 286; is analyzed for non-words 302 (e.g., not in a referencedictionary) to produce a list of non-words 290; and is analyzed forunique words 316 included in the data 92 (i.e., how many different wordsare included in the data) to produce a list of unique words 298. Each ofthese tasks is independent of each other and can therefore be processedin parallel if desired.

The translated data 282 is analyzed (e.g., sub-task 3_2) for specifictranslated words and/or phrases 304 to produce a list of specifictranslated words and/or phrases 288. The translated data 282 istranslated back 308 (e.g., sub-task 1_4) into the language of theoriginal data to produce re-translated data 284. These two tasks aredependent on the translate task (e.g., task 1_3) and thus must beordered after the translation task, which may be in a pipelined orderingor a serial ordering. The re-translated data 284 is then compared 310with the original data 92 to find words and/or phrases that did nottranslate (one way and/or the other) properly to produce a list ofincorrectly translated words 294. As such, the comparing task (e.g.,sub-task 1_5) 310 is ordered after the translation 306 andre-translation tasks 308 (e.g., sub-tasks 1_3 and 1_4).

The list of words incorrectly translated 294 is compared 312 to the listof non-words 290 to identify words that were not properly translatedbecause the words are non-words to produce a list of errors due tonon-words 292. In addition, the list of words incorrectly translated 294is compared 314 to the list of unique words 298 to identify unique wordsthat were properly translated to produce a list of correctly translatedwords 296. The comparison may also identify unique words that were notproperly translated to produce a list of unique words that were notproperly translated. Note that each list of words (e.g., specific wordsand/or phrases, non-words, unique words, translated words and/orphrases, etc.,) may include the word and/or phrase, how many times it isused, where in the data it is used, and/or any other informationrequested regarding a word and/or phrase.

FIG. 31 is a schematic block diagram of an example of a distributedstorage and task processing network (DSTN) module storing data and taskcodes for the example of FIG. 30. As shown, DS encoded data 2 is storedas encoded data slices across the memory (e.g., stored in memories 88)of DST execution units 1-5; the DS encoded task code 1 (of task 1) andDS encoded task 3 are stored as encoded task slices across the memory ofDST execution units 1-5; and DS encoded task code 2 (of task 2) isstored as encoded task slices across the memory of DST execution units3-7. As indicated in the data storage information table and the taskstorage information table of FIG. 29, the respective data/task has DSparameters of 3/5 for their decode threshold/pillar width; hencespanning the memory of five DST execution units.

FIG. 32 is a diagram of an example of distributed storage and task (DST)allocation information 242 for the example of FIG. 30. The DSTallocation information 242 includes data partitioning information 320,task execution information 322, and intermediate result information 324.The data partitioning information 320 includes the data identifier (ID),the number of partitions to split the data into, address information foreach data partition, and whether the DS encoded data has to betransformed from pillar grouping to slice grouping. The task executioninformation 322 includes tabular information having a taskidentification field 326, a task ordering field 328, a data partitionfield ID 330, and a set of DT execution modules 332 to use for thedistributed task processing per data partition. The intermediate resultinformation 324 includes tabular information having a name ID field 334,an ID of the DST execution unit assigned to process the correspondingintermediate result 336, a scratch pad storage field 338, and anintermediate result storage field 340.

Continuing with the example of FIG. 30, where tasks 1-3 are to bedistributedly performed on data 2, the data partitioning informationincludes the ID of data 2. In addition, the task distribution moduledetermines whether the DS encoded data 2 is in the proper format fordistributed computing (e.g., was stored as slice groupings). If not, thetask distribution module indicates that the DS encoded data 2 formatneeds to be changed from the pillar grouping format to the slicegrouping format, which will be done by the DSTN module. In addition, thetask distribution module determines the number of partitions to dividethe data into (e.g., 2_1 through 2_z) and addressing information foreach partition.

The task distribution module generates an entry in the task executioninformation section for each sub-task to be performed. For example, task1_1 (e.g., identify non-words on the data) has no task ordering (i.e.,is independent of the results of other sub-tasks), is to be performed ondata partitions 2_1 through 2_z by DT execution modules 1_1, 2_1, 3_1,4_1, and 5_1. For instance, DT execution modules 1_1, 2_1, 3_1, 4_1, and5_1 search for non-words in data partitions 2_1 through 2_z to producetask 1_1 intermediate results (R1-1, which is a list of non-words). Task1_2 (e.g., identify unique words) has similar task execution informationas task 1_1 to produce task 1_2 intermediate results (R1-2, which is thelist of unique words).

Task 1_3 (e.g., translate) includes task execution information as beingnon-ordered (i.e., is independent), having DT execution modules 1_1,2_1, 3_1, 4_1, and 5_1 translate data partitions 2_1 through 2_4 andhaving DT execution modules 1_2, 2_2, 3_2, 4_2, and 5_2 translate datapartitions 2_5 through 2_z to produce task 1_3 intermediate results(R1-3, which is the translated data). In this example, the datapartitions are grouped, where different sets of DT execution modulesperform a distributed sub-task (or task) on each data partition group,which allows for further parallel processing.

Task 1_4 (e.g., translate back) is ordered after task 1_3 and is to beexecuted on task 1_3's intermediate result (e.g., R1-3_1) (e.g., thetranslated data). DT execution modules 1_1, 2_1, 3_1, 4_1, and 5_1 areallocated to translate back task 1_3 intermediate result partitionsR1-3_1 through R1-3_4 and DT execution modules 1_2, 2_2, 6_1, 7_1, and7_2 are allocated to translate back task 1_3 intermediate resultpartitions R1-3_5 through R1-3_z to produce task 1-4 intermediateresults (R1-4, which is the translated back data).

Task 1_5 (e.g., compare data and translated data to identify translationerrors) is ordered after task 1_4 and is to be executed on task 1_4'sintermediate results (R4-1) and on the data. DT execution modules 1_1,2_1, 3_1, 4_1, and 5_1 are allocated to compare the data partitions (2_1through 2_z) with partitions of task 1-4 intermediate results partitionsR1-4_1 through R1-4_z to produce task 1_5 intermediate results (R1-5,which is the list words translated incorrectly).

Task 1_6 (e.g., determine non-word translation errors) is ordered aftertasks 1_1 and 1_5 and is to be executed on tasks 1_1's and 1_5'sintermediate results (R1-1 and R1-5). DT execution modules 1_1, 2_1,3_1, 4_1, and 5_1 are allocated to compare the partitions of task 1_1intermediate results (R1-1_1 through R1-1_z) with partitions of task 1-5intermediate results partitions (R1-5_1 through R1-5_z) to produce task1_6 intermediate results (R1-6, which is the list translation errors dueto non-words).

Task 1_7 (e.g., determine words correctly translated) is ordered aftertasks 1_2 and 1_5 and is to be executed on tasks 1_2's and 1_5'sintermediate results (R1-1 and R1-5). DT execution modules 1_2, 2_2,3_2, 4_2, and 5_2 are allocated to compare the partitions of task 1_2intermediate results (R1-2_1 through R1-2_z) with partitions of task 1-5intermediate results partitions (R1-5_1 through R1-5_z) to produce task1_7 intermediate results (R1-7, which is the list of correctlytranslated words).

Task 2 (e.g., find specific words and/or phrases) has no task ordering(i.e., is independent of the results of other sub-tasks), is to beperformed on data partitions 2_1 through 2_z by DT execution modules3_1, 4_1, 5_1, 6_1, and 7_1. For instance, DT execution modules 3_1,4_1, 5_1, 6_1, and 7_1 search for specific words and/or phrases in datapartitions 2_1 through 2_z to produce task 2 intermediate results (R2,which is a list of specific words and/or phrases).

Task 3_2 (e.g., find specific translated words and/or phrases) isordered after task 1_3 (e.g., translate) is to be performed onpartitions R1-3_1 through R1-3_z by DT execution modules 1_2, 2_2, 3_2,4_2, and 5_2. For instance, DT execution modules 1_2, 2_2, 3_2, 4_2, and5_2 search for specific translated words and/or phrases in thepartitions of the translated data (R1-3_1 through R1-3_z) to producetask 3_2 intermediate results (R3-2, which is a list of specifictranslated words and/or phrases).

For each task, the intermediate result information indicates which DSTunit is responsible for overseeing execution of the task and, if needed,processing the partial results generated by the set of allocated DTexecution units. In addition, the intermediate result informationindicates a scratch pad memory for the task and where the correspondingintermediate results are to be stored. For example, for intermediateresult R1-1 (the intermediate result of task 1_1), DST unit 1 isresponsible for overseeing execution of the task 1_1 and coordinatesstorage of the intermediate result as encoded intermediate result slicesstored in memory of DST execution units 1-5. In general, the scratch padis for storing non-DS encoded intermediate results and the intermediateresult storage is for storing DS encoded intermediate results.

FIGS. 33-38 are schematic block diagrams of the distributed storage andtask network (DSTN) module performing the example of FIG. 30. In FIG.33, the DSTN module accesses the data 92 and partitions it into aplurality of partitions 1-z in accordance with distributed storage andtask network (DST) allocation information. For each data partition, theDSTN identifies a set of its DT (distributed task) execution modules 90to perform the task (e.g., identify non-words (i.e., not in a referencedictionary) within the data partition) in accordance with the DSTallocation information. From data partition to data partition, the setof DT execution modules 90 may be the same, different, or a combinationthereof (e.g., some data partitions use the same set while other datapartitions use different sets).

For the first data partition, the first set of DT execution modules(e.g., 1_1, 2_1, 3_1, 4_1, and 5_1 per the DST allocation information ofFIG. 32) executes task 1_1 to produce a first partial result 102 ofnon-words found in the first data partition. The second set of DTexecution modules (e.g., 1_1, 2_1, 3_1, 4_1, and 5_1 per the DSTallocation information of FIG. 32) executes task 1_1 to produce a secondpartial result 102 of non-words found in the second data partition. Thesets of DT execution modules (as per the DST allocation information)perform task 1_1 on the data partitions until the “z” set of DTexecution modules performs task 1_1 on the “zth” data partition toproduce a “zth” partial result 102 of non-words found in the “zth” datapartition.

As indicated in the DST allocation information of FIG. 32, DST executionunit 1 is assigned to process the first through “zth” partial results toproduce the first intermediate result (R1-1), which is a list ofnon-words found in the data. For instance, each set of DT executionmodules 90 stores its respective partial result in the scratchpad memoryof DST execution unit 1 (which is identified in the DST allocation ormay be determined by DST execution unit 1). A processing module of DSTexecution 1 is engaged to aggregate the first through “zth” partialresults to produce the first intermediate result (e.g., R1_1). Theprocessing module stores the first intermediate result as non-DS errorencoded data in the scratchpad memory or in another section of memory ofDST execution unit 1.

DST execution unit 1 engages its DST client module to slice groupingbased DS error encode the first intermediate result (e.g., the list ofnon-words). To begin the encoding, the DST client module determineswhether the list of non-words is of a sufficient size to partition(e.g., greater than a Terabyte). If yes, it partitions the firstintermediate result (R1-1) into a plurality of partitions (e.g., R1-1_1through R1-1_m). If the first intermediate result is not of sufficientsize to partition, it is not partitioned.

For each partition of the first intermediate result, or for the firstintermediate result, the DST client module uses the DS error encodingparameters of the data (e.g., DS parameters of data 2, which includes3/5 decode threshold/pillar width ratio) to produce slice groupings. Theslice groupings are stored in the intermediate result memory (e.g.,allocated memory in the memories of DST execution units 1-5).

In FIG. 34, the DSTN module is performing task 1_2 (e.g., find uniquewords) on the data 92. To begin, the DSTN module accesses the data 92and partitions it into a plurality of partitions 1-z in accordance withthe DST allocation information or it may use the data partitions of task1_1 if the partitioning is the same. For each data partition, the DSTNidentifies a set of its DT execution modules to perform task 1_2 inaccordance with the DST allocation information. From data partition todata partition, the set of DT execution modules may be the same,different, or a combination thereof. For the data partitions, theallocated set of DT execution modules executes task 1_2 to produce apartial results (e.g., 1^(st) through “zth”) of unique words found inthe data partitions.

As indicated in the DST allocation information of FIG. 32, DST executionunit 1 is assigned to process the first through “zth” partial results102 of task 1_2 to produce the second intermediate result (R1-2), whichis a list of unique words found in the data 92. The processing module ofDST execution 1 is engaged to aggregate the first through “zth” partialresults of unique words to produce the second intermediate result. Theprocessing module stores the second intermediate result as non-DS errorencoded data in the scratchpad memory or in another section of memory ofDST execution unit 1.

DST execution unit 1 engages its DST client module to slice groupingbased DS error encode the second intermediate result (e.g., the list ofnon-words). To begin the encoding, the DST client module determineswhether the list of unique words is of a sufficient size to partition(e.g., greater than a Terabyte). If yes, it partitions the secondintermediate result (R1-2) into a plurality of partitions (e.g., R1-2_1through R1-2_m). If the second intermediate result is not of sufficientsize to partition, it is not partitioned.

For each partition of the second intermediate result, or for the secondintermediate results, the DST client module uses the DS error encodingparameters of the data (e.g., DS parameters of data 2, which includes3/5 decode threshold/pillar width ratio) to produce slice groupings. Theslice groupings are stored in the intermediate result memory (e.g.,allocated memory in the memories of DST execution units 1-5).

In FIG. 35, the DSTN module is performing task 1_3 (e.g., translate) onthe data 92. To begin, the DSTN module accesses the data 92 andpartitions it into a plurality of partitions 1-z in accordance with theDST allocation information or it may use the data partitions of task 1_1if the partitioning is the same. For each data partition, the DSTNidentifies a set of its DT execution modules to perform task 1_3 inaccordance with the DST allocation information (e.g., DT executionmodules 1_1, 2_1, 3_1, 4_1, and 5_1 translate data partitions 2_1through 2_4 and DT execution modules 1_2, 2_2, 3_2, 4_2, and 5_2translate data partitions 2_5 through 2_z). For the data partitions, theallocated set of DT execution modules 90 executes task 1_3 to producepartial results 102 (e.g., 1^(st) through “zth”) of translated data.

As indicated in the DST allocation information of FIG. 32, DST executionunit 2 is assigned to process the first through “zth” partial results oftask 1_3 to produce the third intermediate result (R1-3), which istranslated data. The processing module of DST execution 2 is engaged toaggregate the first through “zth” partial results of translated data toproduce the third intermediate result. The processing module stores thethird intermediate result as non-DS error encoded data in the scratchpadmemory or in another section of memory of DST execution unit 2.

DST execution unit 2 engages its DST client module to slice groupingbased DS error encode the third intermediate result (e.g., translateddata). To begin the encoding, the DST client module partitions the thirdintermediate result (R1-3) into a plurality of partitions (e.g., R1-3_1through R1-3_y). For each partition of the third intermediate result,the DST client module uses the DS error encoding parameters of the data(e.g., DS parameters of data 2, which includes 3/5 decodethreshold/pillar width ratio) to produce slice groupings. The slicegroupings are stored in the intermediate result memory (e.g., allocatedmemory in the memories of DST execution units 2-6 per the DST allocationinformation).

As is further shown in FIG. 35, the DSTN module is performing task 1_4(e.g., retranslate) on the translated data of the third intermediateresult. To begin, the DSTN module accesses the translated data (from thescratchpad memory or from the intermediate result memory and decodes it)and partitions it into a plurality of partitions in accordance with theDST allocation information. For each partition of the third intermediateresult, the DSTN identifies a set of its DT execution modules 90 toperform task 1_4 in accordance with the DST allocation information(e.g., DT execution modules 1_1, 2_1, 3_1, 4_1, and 5_1 are allocated totranslate back partitions R1-3_1 through R1-3_4 and DT execution modules1_2, 2_2, 6_1, 7_1, and 7_2 are allocated to translate back partitionsR1-3_5 through R1-3_z). For the partitions, the allocated set of DTexecution modules executes task 1_4 to produce partial results 102(e.g., 1^(st) through “zth”) of re-translated data.

As indicated in the DST allocation information of FIG. 32, DST executionunit 3 is assigned to process the first through “zth” partial results oftask 1_4 to produce the fourth intermediate result (R1-4), which isretranslated data. The processing module of DST execution 3 is engagedto aggregate the first through “zth” partial results of retranslateddata to produce the fourth intermediate result. The processing modulestores the fourth intermediate result as non-DS error encoded data inthe scratchpad memory or in another section of memory of DST executionunit 3.

DST execution unit 3 engages its DST client module to slice groupingbased DS error encode the fourth intermediate result (e.g., retranslateddata). To begin the encoding, the DST client module partitions thefourth intermediate result (R1-4) into a plurality of partitions (e.g.,R1-4_1 through R1-4_z). For each partition of the fourth intermediateresult, the DST client module uses the DS error encoding parameters ofthe data (e.g., DS parameters of data 2, which includes 3/5 decodethreshold/pillar width ratio) to produce slice groupings. The slicegroupings are stored in the intermediate result memory (e.g., allocatedmemory in the memories of DST execution units 3-7 per the DST allocationinformation).

In FIG. 36, a distributed storage and task network (DSTN) module isperforming task 1_5 (e.g., compare) on data 92 and retranslated data ofFIG. 35. To begin, the DSTN module accesses the data 92 and partitionsit into a plurality of partitions in accordance with the DST allocationinformation or it may use the data partitions of task 1_1 if thepartitioning is the same. The DSTN module also accesses the retranslateddata from the scratchpad memory, or from the intermediate result memoryand decodes it, and partitions it into a plurality of partitions inaccordance with the DST allocation information. The number of partitionsof the retranslated data corresponds to the number of partitions of thedata.

For each pair of partitions (e.g., data partition 1 and retranslateddata partition 1), the DSTN identifies a set of its DT execution modules90 to perform task 1_5 in accordance with the DST allocation information(e.g., DT execution modules 1_1, 2_1, 3_1, 4_1, and 5_1). For each pairof partitions, the allocated set of DT execution modules executes task1_5 to produce partial results 102 (e.g., 1^(st) through “zth”) of alist of incorrectly translated words and/or phrases. As indicated in theDST allocation information of FIG. 32, DST execution unit 1 is assignedto process the first through “zth” partial results of task 1_5 toproduce the fifth intermediate result (R1-5), which is the list ofincorrectly translated words and/or phrases. In particular, theprocessing module of DST execution 1 is engaged to aggregate the firstthrough “zth” partial results of the list of incorrectly translatedwords and/or phrases to produce the fifth intermediate result. Theprocessing module stores the fifth intermediate result as non-DS errorencoded data in the scratchpad memory or in another section of memory ofDST execution unit 1.

DST execution unit 1 engages its DST client module to slice groupingbased DS error encode the fifth intermediate result. To begin theencoding, the DST client module partitions the fifth intermediate result(R1-5) into a plurality of partitions (e.g., R1-5_1 through R1-5_z). Foreach partition of the fifth intermediate result, the DST client moduleuses the DS error encoding parameters of the data (e.g., DS parametersof data 2, which includes 3/5 decode threshold/pillar width ratio) toproduce slice groupings. The slice groupings are stored in theintermediate result memory (e.g., allocated memory in the memories ofDST execution units 1-5 per the DST allocation information).

As is further shown in FIG. 36, the DSTN module is performing task 1_6(e.g., translation errors due to non-words) on the list of incorrectlytranslated words and/or phrases (e.g., the fifth intermediate resultR1-5) and the list of non-words (e.g., the first intermediate resultR1-1). To begin, the DSTN module accesses the lists and partitions theminto a corresponding number of partitions.

For each pair of partitions (e.g., partition R1-1_1 and partitionR1-5_1), the DSTN identifies a set of its DT execution modules 90 toperform task 1_6 in accordance with the DST allocation information(e.g., DT execution modules 1_1, 2_1, 3_1, 4_1, and 5_1). For each pairof partitions, the allocated set of DT execution modules executes task1_6 to produce partial results 102 (e.g., 1^(st) through “zth”) of alist of incorrectly translated words and/or phrases due to non-words.

As indicated in the DST allocation information of FIG. 32, DST executionunit 2 is assigned to process the first through “zth” partial results oftask 1_6 to produce the sixth intermediate result (R1-6), which is thelist of incorrectly translated words and/or phrases due to non-words. Inparticular, the processing module of DST execution 2 is engaged toaggregate the first through “zth” partial results of the list ofincorrectly translated words and/or phrases due to non-words to producethe sixth intermediate result. The processing module stores the sixthintermediate result as non-DS error encoded data in the scratchpadmemory or in another section of memory of DST execution unit 2.

DST execution unit 2 engages its DST client module to slice groupingbased DS error encode the sixth intermediate result. To begin theencoding, the DST client module partitions the sixth intermediate result(R1-6) into a plurality of partitions (e.g., R1-6_1 through R1-6_z). Foreach partition of the sixth intermediate result, the DST client moduleuses the DS error encoding parameters of the data (e.g., DS parametersof data 2, which includes 3/5 decode threshold/pillar width ratio) toproduce slice groupings. The slice groupings are stored in theintermediate result memory (e.g., allocated memory in the memories ofDST execution units 2-6 per the DST allocation information).

As is still further shown in FIG. 36, the DSTN module is performing task1_7 (e.g., correctly translated words and/or phrases) on the list ofincorrectly translated words and/or phrases (e.g., the fifthintermediate result R1-5) and the list of unique words (e.g., the secondintermediate result R1-2). To begin, the DSTN module accesses the listsand partitions them into a corresponding number of partitions.

For each pair of partitions (e.g., partition R1-2_1 and partitionR1-5_1), the DSTN identifies a set of its DT execution modules 90 toperform task 1_7 in accordance with the DST allocation information(e.g., DT execution modules 1_2, 2_2, 3_2, 4_2, and 5_2). For each pairof partitions, the allocated set of DT execution modules executes task1_7 to produce partial results 102 (e.g., 1^(st) through “zth”) of alist of correctly translated words and/or phrases.

As indicated in the DST allocation information of FIG. 32, DST executionunit 3 is assigned to process the first through “zth” partial results oftask 1_7 to produce the seventh intermediate result (R1-7), which is thelist of correctly translated words and/or phrases. In particular, theprocessing module of DST execution 3 is engaged to aggregate the firstthrough “zth” partial results of the list of correctly translated wordsand/or phrases to produce the seventh intermediate result. Theprocessing module stores the seventh intermediate result as non-DS errorencoded data in the scratchpad memory or in another section of memory ofDST execution unit 3.

DST execution unit 3 engages its DST client module to slice groupingbased DS error encode the seventh intermediate result. To begin theencoding, the DST client module partitions the seventh intermediateresult (R1-7) into a plurality of partitions (e.g., R1-7_1 throughR1-7_z). For each partition of the seventh intermediate result, the DSTclient module uses the DS error encoding parameters of the data (e.g.,DS parameters of data 2, which includes 3/5 decode threshold/pillarwidth ratio) to produce slice groupings. The slice groupings are storedin the intermediate result memory (e.g., allocated memory in thememories of DST execution units 3-7 per the DST allocation information).

In FIG. 37, the distributed storage and task network (DSTN) module isperforming task 2 (e.g., find specific words and/or phrases) on the data92. To begin, the DSTN module accesses the data and partitions it into aplurality of partitions 1-z in accordance with the DST allocationinformation or it may use the data partitions of task 1_1 if thepartitioning is the same. For each data partition, the DSTN identifies aset of its DT execution modules 90 to perform task 2 in accordance withthe DST allocation information. From data partition to data partition,the set of DT execution modules may be the same, different, or acombination thereof. For the data partitions, the allocated set of DTexecution modules executes task 2 to produce partial results 102 (e.g.,1^(st) through “zth”) of specific words and/or phrases found in the datapartitions.

As indicated in the DST allocation information of FIG. 32, DST executionunit 7 is assigned to process the first through “zth” partial results oftask 2 to produce task 2 intermediate result (R2), which is a list ofspecific words and/or phrases found in the data. The processing moduleof DST execution 7 is engaged to aggregate the first through “zth”partial results of specific words and/or phrases to produce the task 2intermediate result. The processing module stores the task 2intermediate result as non-DS error encoded data in the scratchpadmemory or in another section of memory of DST execution unit 7.

DST execution unit 7 engages its DST client module to slice groupingbased DS error encode the task 2 intermediate result. To begin theencoding, the DST client module determines whether the list of specificwords and/or phrases is of a sufficient size to partition (e.g., greaterthan a Terabyte). If yes, it partitions the task 2 intermediate result(R2) into a plurality of partitions (e.g., R2_1 through R2_m). If thetask 2 intermediate result is not of sufficient size to partition, it isnot partitioned.

For each partition of the task 2 intermediate result, or for the task 2intermediate results, the DST client module uses the DS error encodingparameters of the data (e.g., DS parameters of data 2, which includes3/5 decode threshold/pillar width ratio) to produce slice groupings. Theslice groupings are stored in the intermediate result memory (e.g.,allocated memory in the memories of DST execution units 1-4, and 7).

In FIG. 38, the distributed storage and task network (DSTN) module isperforming task 3 (e.g., find specific translated words and/or phrases)on the translated data (R1-3). To begin, the DSTN module accesses thetranslated data (from the scratchpad memory or from the intermediateresult memory and decodes it) and partitions it into a plurality ofpartitions in accordance with the DST allocation information. For eachpartition, the DSTN identifies a set of its DT execution modules toperform task 3 in accordance with the DST allocation information. Frompartition to partition, the set of DT execution modules may be the same,different, or a combination thereof. For the partitions, the allocatedset of DT execution modules 90 executes task 3 to produce partialresults 102 (e.g., 1^(st) through “zth”) of specific translated wordsand/or phrases found in the data partitions.

As indicated in the DST allocation information of FIG. 32, DST executionunit 5 is assigned to process the first through “zth” partial results oftask 3 to produce task 3 intermediate result (R3), which is a list ofspecific translated words and/or phrases found in the translated data.In particular, the processing module of DST execution 5 is engaged toaggregate the first through “zth” partial results of specific translatedwords and/or phrases to produce the task 3 intermediate result. Theprocessing module stores the task 3 intermediate result as non-DS errorencoded data in the scratchpad memory or in another section of memory ofDST execution unit 7.

DST execution unit 5 engages its DST client module to slice groupingbased DS error encode the task 3 intermediate result. To begin theencoding, the DST client module determines whether the list of specifictranslated words and/or phrases is of a sufficient size to partition(e.g., greater than a Terabyte). If yes, it partitions the task 3intermediate result (R3) into a plurality of partitions (e.g., R3_1through R3_m). If the task 3 intermediate result is not of sufficientsize to partition, it is not partitioned.

For each partition of the task 3 intermediate result, or for the task 3intermediate results, the DST client module uses the DS error encodingparameters of the data (e.g., DS parameters of data 2, which includes3/5 decode threshold/pillar width ratio) to produce slice groupings. Theslice groupings are stored in the intermediate result memory (e.g.,allocated memory in the memories of DST execution units 1-4, 5, and 7).

FIG. 39 is a diagram of an example of combining result information intofinal results 104 for the example of FIG. 30. In this example, theresult information includes the list of specific words and/or phrasesfound in the data (task 2 intermediate result), the list of specifictranslated words and/or phrases found in the data (task 3 intermediateresult), the list of non-words found in the data (task 1 firstintermediate result R1-1), the list of unique words found in the data(task 1 second intermediate result R1-2), the list of translation errorsdue to non-words (task 1 sixth intermediate result R1-6), and the listof correctly translated words and/or phrases (task 1 seventhintermediate result R1-7). The task distribution module provides theresult information to the requesting DST client module as the results104.

FIG. 40A is a schematic block diagram of another embodiment of adistributed computing system. The system includes a network 24 and adistributed storage and task network (DSTN) module 22. The DSTN module22 includes a plurality of tiered storage pools 352, 354, and 356 (e.g.,tiers 1-3). Each storage pool of the plurality of tiered storage pools352-356 includes a set of distributed storage and task (DST) executionmodules 36 utilized to access at least one of slices 350 and error codedslices 351. Each storage pool of the plurality of tiered storage pools352-356 is operably coupled via the network 24 to the plurality oftiered storage pools 352-356 to facilitate migrating slices 350 and/orerror coded slices 351 (e.g., “slices”). The migrating slices may enablea more favorable match of a slice storage performance requirement and anactual slice storage performance when at least one storage pool of theplurality of storage pools 352-356 is associated with an actual slicestorage performance level that is different than an actual slice storageperformance level associated with at least one other storage pool.

Each storage pool may be associated with a target slice storageperformance level, where the target slice storage performance levelincludes one or more of an access latency level, an access bandwidthlevel, a cost level, a storage capacity level, a geographic affiliation,a security level, and an availability level. For example, the tier 1storage pool 352 may be associated with active storage requiring atarget slice performance level that includes a lowest access latencyperformance level and an average reliability level. As another example,the tier 3 storage pool 356 may be associated with inactive storagerequiring a target slice performance level that includes allowing ahighest access latency performance level and mandating a highestreliability level. As yet another example, the tier 2 storage pool 354may be associated with near line storage requiring a target sliceperformance level including an average access latency performance leveland an average reliability level.

From time to time, a determination may be made (e.g., by one or more ofthe DST execution units 36, by a DS processing unit, by a processingmodule) whether to move slices from a first storage pool to a secondstorage pool to achieve a better match of required performance anddelivered performance when a change is detected in required performance.For example, a determination is made to move slices from a storage poolassociated with an active tier level of performance to a storage poolassociated with a near line tier level of performance when a frequencyof access of the slices falls below an active access threshold level.The detecting the change in required performance may be based on one ormore of a vault utilization level, a number of slice accesses per unitof time (e.g., access frequency), a timestamp associated with a lastslice access, a slice access quality of service goal, an estimated costof moving slices, and an actual quality of service level. The detectinga change in required performance may include one or more of initiating aquery, performing a performance test, monitoring historical performanceinformation, detecting activity, and receiving a request.

FIG. 40B is a flowchart illustrating an example of migrating slices. Themethod begins at step 358 where a processing module (e.g., of adistributed storage and task (DST) client module) obtains storagecharacteristics for data stored in a storage tier of a plurality ofstorage tiers as a plurality of sets of encoded slices (e.g., slicesand/or error coded slices). The storage characteristics includes one ormore of a present storage tier level utilized to store the data, adelivered performance level associated with the present storage tier,and a required performance level associated with the data. The obtainingincludes one or more of a lookup, a query, a test, and detecting achange in the required performance level. The method continues at step360 where the processing module determines whether to move the data toanother storage tier based on the storage characteristics. Thedetermining includes indicating to move the data when the deliveredperformance level associated with the present storage tier comparesunfavorably to the required performance level associated with the data.The method loops back to step 358 when the processing module determinesto not move the data. The method continues to step 362 when theprocessing module determines to move the data.

The method continues at step 362 where the processing module selects atarget storage tier. The selecting includes identifying a storage tierwith an associated delivered performance level that more favorablymatches the required performance level associated with the data. Forexample, the processing module identifies an active storage tier whenthe required performance level associated with the data better matchesthe active storage tier performance than the storage tier (e.g. previousstorage tier). For instance, a change in required performance level isdetected when a higher access frequency is detected for the data.

The method continues at step 364 where the processing module determineswhether to re-encode the data. The determining may be based on one ormore of a storage capacity level of the target storage tier, autilization level of the target storage tier, and a storage reliabilityrequirement. For example, the processing module determines to re-encodethe data when an above-average storage reliability requirement isdetected. The method branches to step 372 when the processing moduledetermines to re-encode the data. The method continues to step 366 whenthe processing module determines not to re-encode the data.

The method continues at step 366, where, for each set of encoded dataslices, the processing module retrieves a set of encoded data slices(e.g., generate and send a set of read slice requests to the storagetier). The method continues at step 368 where the processing moduletranslates slice names associated with the set of encoded data slicesfrom the storage tier to the target storage tier to produce a set oftranslated slice names. The translating may be based on one or more ofdispersed storage error coding function parameters of the storage tierand dispersed storage error coding function parameters of the targetstorage tier. For example, the processing module changes a vaultidentifier (ID) to align the set of translated slice names with thetarget storage tier. The method continues at step 370 where theprocessing module stores the set of encoded data slices in the targetstorage tier utilizing the set of translated slice names. The storingincludes generating a set of write requests that includes the set oftranslated slice names and the set of encoded data slices and outputtingthe set of write requests to the target storage tier.

When the processing module determines to re-encode the data, the methodcontinues at step 372, where, for each set of encoded data slices, theprocessing module retrieves at least a decode threshold number ofencoded data slices when the processing module determines to re-encodethe data. The retrieving includes generating a set of read slicerequests, outputting the set of read slice requests to the storage tier,and receiving the at least the decode threshold number of encoded dataslices. The method continues at step 374 where the processing moduledecodes the decode threshold number of encoded data slices to produce adata segment utilizing a first set of dispersed storage error codingfunction parameters associated with the storage tier.

The method continues at step 376 where the processing module encodes thedata segment to produce a set of target slices utilizing a second set ofdispersed storage error coding function parameters associated with thetarget storage tier. The method continues at step 378 where theprocessing module generates a set of target slice names in accordancewith the second set of dispersed storage error coding functionparameters. The generating includes utilizing a vault ID associated withthe target storage tier and a slice index associated with a pillar widthvalue of the vault. The method continues at step 380 where theprocessing module stores the set of target slices in the target storagetier utilizing the target slice names. The storing includes generating aset of write requests that includes the set of target slice names and aset of target slices and outputting the set of write requests to thetarget storage tier.

FIG. 41A is a schematic block diagram of an embodiment of a cloudcomputing system that includes a cloud system managing unit 382, a cloudsystem certificate authority 381, a plurality of certificate authorities383, a plurality of authentication servers 384, and a plurality of setsof devices 385. The cloud system managing unit 382 includes a processingmodule (PM) and a memory (MEM). The memory may include one or morememory sections as is discussed in greater detail with reference to FIG.41D. The memory may include one or more of read-only memory and randomaccess memory. The memory may be implemented utilizing one or morememory devices. Each memory device of the one or more memory devices maybe implemented utilizing one or more of solid-state memory, optical discmemory, and a magnetic disk memory. The cloud system managing unit 382may be implemented utilizing at least one of a server, a computer, adistributed storage (DS) managing unit, a distributed storage and tasknetwork (DSTN) managing unit, a DS processing unit, a distributedstorage and task (DST) processing unit, a DS integrity processing unit,and a DST integrity processing unit.

The cloud system certificate authority 381 includes the PM and the MEM.The cloud system certificate authority 381 may be implemented utilizingat least one of a server, a computer, a DS managing unit, a DSTNmanaging unit, a DS processing unit, a DST processing unit, a DSintegrity processing unit, a DST integrity processing unit, and acertificate authority 383. Each certificate authority 383 of theplurality of certificate authorities 383 includes the PM and the MEM.Each certificate authority 383 may be implemented utilizing at least oneof a server, a computer, a DS managing unit, a DSTN managing unit, a DSprocessing unit, a DST processing unit, a DS integrity processing unit,a DST integrity processing unit, and the certificate authority 383. Eachauthentication server 384 of the plurality of authentication servers 384includes the PM and the MEM. Each authentication server 384 may beimplemented utilizing at least one of a server, a computer, a DSmanaging unit, a DSTN managing unit, a DS processing unit, a DSTprocessing unit, a DS integrity processing unit, a DST integrityprocessing unit, and the cloud system certificate authority 381. Eachset of devices 385 of the plurality of sets of devices 385 includes aplurality of devices 386. Each device 386 of the plurality of devices386 includes the PM and the MEM. Each device 386 may be implementedutilizing at least one of a storage unit, a storage server, a memoryunit, a user device, a computer, a DS unit, and a DST execution unit.

The cloud computing system functions to establish trust and configurethe cloud computing system based on established trust. In particular,the cloud computing system functions to establish trust between theplurality of authentication servers 384 and the plurality of sets ofdevices 385, establish trust between the plurality of authenticationservers 384 and the cloud system managing unit 382, establish trustbetween the cloud system managing unit 382 and the plurality of sets ofdevices 385, and configures the cloud computing system based onestablished trust between the cloud system managing unit 382 and theplurality of sets of devices 385.

A set of devices 385 of the plurality of sets of devices 385 includesone or more devices 386 having a common aspect. The common aspectincludes at least one of a vendor identifier, a device type identifier,a version identifier, a functionality identifier, and an assignedidentifier (e.g., a predetermined, random, assigned to one of thecertificate authorities 383, common manufacturing timeframe). Forexample, the one or more devices 386 were manufactured by a commonvendor. An authentication server 384 of the plurality of authenticationservers 384 is associated with one of the plurality of sets of devices385 based on the common aspect. For example, the authentication server384 is associated with the common vendor. Each authentication server 384of the plurality of authentication servers 384 has a unique device levelserver trusted certificate and a unique system level server trustedcertificate (e.g., stored in MEM of the authentication server 384).

One certificate authority 383 of the plurality of certificateauthorities 383 is affiliated with a corresponding one of the pluralityof authentication servers 384 based on the common aspect. For example,the one certificate authority 383 is associated with the common vendor.The one certificate authority 383 of the plurality of certificateauthorities 383 generates the unique device level server trustedcertificate for the corresponding one of the plurality of authenticationservers 384. The cloud system certificate authority 381 generates asystem level manager trusted certificate for the cloud system managingunit 382 and generates the unique system level server trustedcertificates for each of the plurality of authentication servers 384.The cloud system managing unit 382 has the system level manager trustedcertificate (e.g., stores the system level manager trusted certificatein MEM of the cloud system managing unit 382).

Each of the plurality of authentication servers 384 and the one or moredevices 386 of each of the plurality of sets of devices 385 establishestrust based on the common aspect and the unique device level servertrusted certificate of the each of the plurality of authenticationservers 384. The cloud system managing unit 382 and the one or moredevices 386 of each of the plurality of sets of devices 385 establishtrust based on the trust between each of the plurality of authenticationservers 384 and the one or more devices 386 of each of the plurality ofsets of devices 385 and the trust between each of the plurality ofauthentication servers 384 and the cloud system managing unit 382.

The cloud computing system functions to establish the trust by a seriesof trust establishing steps. In a first trust establishing step, acorresponding one of the plurality of authentication servers 384 and theone or more devices 386 of the one of the plurality of sets of devices385 establishes trust with each other based on the unique device levelserver trusted certificate of the corresponding one of the plurality ofauthentication servers 384. The corresponding one of the plurality ofauthentication servers 384 and the one or more devices 386 of the one ofthe plurality of sets of devices 385 establishing trust includes aseries of server-device trust steps. A first server-device trust stepincludes sending, by a device 386 of the one or more devices 386, anauthentication request to the corresponding one of the plurality ofauthentication servers 384, where the device 386 is programmed with theunique device level server trusted certificate of the corresponding oneof the plurality of authentication servers 384 and where theauthentication request references the unique device level server trustedcertificate (e.g., the device 386 that previously received the uniquedevice level server trusted certificate). The authentication requestincludes at least one of a request that the one of the plurality ofauthentication servers 384 sign something (e.g., utilizing a private keyassociated with a public-private key pair where the unique device levelserver trusted certificate includes a public key of the public-privatekey pair) and that the one of the plurality of authentication servers384 decrypt something using the private key. The sending includesoutputting the authentication request to the one of the plurality ofauthentication servers 384 using an Internet protocol (IP) address ofthe one of the plurality of authentication servers 384 (e.g., extractedfrom the unique device level server trusted certificate).

A second server-device trust step includes generating, by thecorresponding one of the plurality of authentication servers 384, anauthentication response based on the authentication request (e.g., usingthe private key to sign the something or decrypt the something). Whenthe authentication response is verified, a third server-device truststep includes sending, by the device 386, device configurationinformation to the corresponding one of the plurality of authenticationservers 384. The device 386 verifies the authentication response by atleast one of verifying a signature of a received signed something usingthe public key and verifying a received encrypted something using thepublic key. For example, the device 386 indicates the authenticationresponse is verified when a decrypted received signed something usingthe public key matches a corresponding previously sent something. Asanother example, the device 386 indicates the authentication response isverified when a decrypted received encrypted something using the publickey matches a corresponding previously sent something. The deviceconfiguration information includes one or more of hardware configurationinformation of the device 386, a universally unique identifier (UUID) ofthe device 386, a device type indicator of the device 386 (e.g., DSunit), a public key associated with the device 386, and a digest of thepublic key associated with the device 386. The sending by the device 386includes outputting the device configuration information to thecorresponding one of the plurality of authentication servers 384 usingthe IP address of the one of the plurality of authentication servers384. The one of the plurality of authentication servers 384 may forwardthe device configuration information to the cloud system managing unit382.

A fourth server-device trust step includes receiving, by the device 386,manager information regarding the cloud system managing unit 382 (e.g.,from the cloud system managing unit 382 via the one of the plurality ofauthentication servers 384). The manager information includes one ormore of an IP address of the cloud system managing unit 382, the systemlevel manager trusted certificate, IP address assignment for the device386, and an IP address for each device 386 of a corresponding set ofdevices 385.

In a second trust establishing step, the corresponding one of theplurality of authentication servers 384 and the cloud system managingunit 382 establishes trust with each other based on at least one of theunique system level server trusted certificate and the system levelmanager trusted certificate. For example, each of the cloud systemmanaging unit 382 and the one of the plurality of authentication servers384 verifies that unique system level server trusted certificate and thesystem level manager trusted certificate have been signed by the cloudsystem certificate authority 381.

In a third trust establishing step, the cloud system managing unit 382and the one or more devices 386 of one of the plurality of sets ofdevices 385 establish trust with each other based on the trust betweenthe corresponding one of the plurality of authentication servers 384 andthe one or more devices 386 of the one of the plurality of sets ofdevices 385 and the trust between the corresponding one of the pluralityof authentication servers 384 and the cloud system managing unit 382.The cloud system managing unit 382 and the one or more devices 386 ofone of the plurality of sets of devices 385 establishing trust includesa series of manager-device trust steps. A first manager-device truststep includes sending, by a device 386 of the one or more devices 386, amanager authentication request (e.g., sign something, and/or decryptsomething to make sure that the cloud system managing unit 382 has aprivate key corresponding to the cloud system managing unit 382) to thecloud system managing unit 382 based on manager information where themanager authentication request references the system level managertrusted certificate (e.g., using a previously received public keyassociated with the cloud system managing unit 382, using a previouslyreceived IP address associated with the cloud system managing unit 382).

A second manager-device trust step includes generating, by the cloudsystem managing unit 382, a manager authentication response based on themanager authentication request (e.g., signing the something, and/ordecrypting the something using the private key associated with the cloudsystem managing unit 382). The generating further includes outputtingthe manager authentication response to the device 386. The device 386indicates that the manager authentication response is verified when atleast one of a received signed something is verified using the publickey of the cloud system managing unit 382 and a received encryptedsomething is verified using the public key of the cloud system managingunit 382.

A third manager-device trust step includes sending, by the device 386, acertificate signing request to the cloud system managing unit 382. Thesending includes generating and outputting the certificate signingrequest when the manager authentication response is verified. Thegenerating of the certificate signing request includes generating a bodyof the certificate signing request to include one or more of a deviceidentifier of the device 386, the UUID of the device 386, the devicetype indicator of the device 386 (e.g., DS unit), the public keyassociated with the device 386, and the digest of the public keyassociated with the device 386. The generating of the certificatesigning request further includes generating a signature over the body ofthe certificate signing request using a private key of the device 386,and outputting the body of the certificate signing request and thesignature over the body of the signature signing request to the cloudsystem managing unit 382 using the IP address of the cloud systemmanaging unit 382. A fourth manager-device trust step includes sending,by the cloud system managing unit 382, a signed certificate to thedevice 386 in response to the certificate signing request. The sendingincludes generating the signed certificate by signing at least a portionof the certificate signing request using the private key associated withthe cloud system managing unit 382 when the certificate signing requestis verified. The verifying the certificate signing request includesindicating that the certificate signing request is verified when areceived UUID of the certificate signing request matches a previouslyreceived UUID from the one of the plurality of authentication servers384.

The cloud system managing unit 382 configures the cloud computing systembased on the trust between the cloud system managing unit 382 anddevices 386 of the plurality of sets of devices 385. The configuringincludes facilitating subsequent device 386 operation. The facilitatingincludes the device 386 accessing another entity of the cloud computingsystem using the signed certificate from the cloud system managing unit382 and the other entity verifying the signed certificate prior toproviding a response to the accessing.

FIG. 41B is a schematic block diagram of authentication system timingthat includes a cloud system managing unit 382, a plurality ofauthentication servers 384, and a plurality of sets of devices 386. Eachauthentication server 384 is operable to facilitate initialization andauthorization of one or more devices 386 of the set of correspondingdevices 386 with regards to subsequent utilization of the one or moredevices 386 within a cloud computing system. The initialization andauthorization includes a sequence of transactions between one or more ofthe cloud system managing unit 382, each authentication server 384 ofthe plurality of authentication servers 384, and the plurality of setsof devices 386.

In an example of operation, an authentication server 384 of theplurality of sets of authentication servers 384 issues initializationinformation 388 to one or more devices 386 of a corresponding set ofdevices 386 of the plurality of sets of devices 386. Alternatively, theinitialization information 388 may be hardcoded into the one or moredevices 386 at a time of initial configuration during manufacture. Theinitialization information 388 includes one or more of theauthentication server 384 internet protocol (IP) address and a vendorcertificate authority signed certificate (e.g., a unique device levelserver trusted certificate) when the authentication server 384 and theone or more devices 386 are associated with a common vendor (e.g.,associated by a common aspect). A device 386 of the one or more devices386 receives initialization information 388, generates an authenticationrequest 390, and outputs the authentication request 390 to theauthentication server 384 (e.g. a common vendor server). Theauthentication request 390 includes at least one of a request for theauthentication server 384 to sign information to be signed and a requestfor the authentication server 384 to decrypt information to be decrypted(e.g., to verify that the vendor server has a proper vendor certificateauthority signed certificate).

The authentication server 384 receives the authentication request 390,generates an authentication response 392 based on the authenticationrequest 390, and outputs the authentication response 392 to the device386. The authentication response 392 includes at least one of asignature for the information to be signed and a decryption of theinformation to be decrypted. The device 386 receives the authenticationresponse 392 and validates the authentication response 392 to verifythat authentication server 384 has the vendor certificate authoritysigned certificate. The device 386 generates configuration information394 and outputs the configuration information 394 to the authenticationserver 384 when the authentication response 392 is validated. Theconfiguration information 394 includes one or more of hardwareconfiguration information of the device 386, a universally uniqueidentifier (UUID) of the device 386, a device type indicator of thedevice 386, a device 386 public-key of a public-private key pair, and apublic-key hash digest of the device 386 public-key. The authenticationserver 384 receives the configuration information 394 from the device386 and other configuration information 394 from other devices 386. Theauthentication server 384 aggregates configuration information 394 fromdevices 386 to produce aggregated configuration information 396. Theauthentication server 384 outputs the aggregated configurationinformation 396 to the cloud system managing unit 382. Such outputtingmay provide a system configuration enhancement as UUIDs of the pluralityof sets of devices 386 do not have to be entered manually into the cloudsystem managing unit 382.

The cloud system managing unit 382 receives the aggregated configurationinformation 396 and establishes a list of the plurality of sets ofdevices 386 and associated configuration information 394 of each device386. The cloud system managing unit 382 generates manager information398 and outputs the manager information 398 to the authentication server384. The manager information 398 includes one or more of a manager IPaddress (e.g., of the cloud system managing unit 382), a manager signedcertificate, and an IP address assignment of the device 386.Alternatively, the manager information 398 includes IP addresses foreach device 386 of a set of devices 386. The authentication server 384receives the manager information 398 and to outputs the managerinformation 398 to the device 386 as manager information 400.Alternatively, the authentication server 384 outputs manager information398 associated with each device 386 of the set of devices as the managerinformation 400 to each device 386 of the set of devices 386 when eachdevice 386 of the set of devices 386 has successfully authenticated withthe authentication server 384 and provided corresponding configurationinformation 394.

The device 386 generates a manager authentication request 402 and sendsthe manager authentication request 402 to the cloud system managing unit382. The sending includes outputting the manager authentication request402 directly to the cloud system managing unit 382 and sending themanager authentication request 402 to the cloud system managing unit 382via the authentication server 384. The manager authentication request402 includes at least one of a request for the cloud system managingunit 382 to sign information to be signed and a request for the cloudsystem managing unit 382 to decrypt information to be decrypted (e.g.,to verify that the cloud system managing unit 382 has a proper managersigned certificate). The cloud system managing unit 382 receives themanager authentication request 402, generates a manager authenticationresponse 404, and outputs the manager authentication response 404 to thedevice 386. The manager authentication response 404 includes at leastone of a signature for the information to be signed and a decryption ofthe information to be decrypted. The device 386 receives the managerauthentication response 404 and validates the manager authenticationresponse 404 to verify that cloud system managing unit 382 has themanager signed certificate.

When the device 386 has validated the manager authentication response404, the device 386 generates a certificate signing request 406 andoutputs the certificate signing request 406 to the cloud system managingunit 382. The certificate signing request 406 includes one or more of adevice identifier of device 386 (e.g., the UUID), the device 386 publickey, the hash of the public key of the device 386, a signature over thecertificate signing request 406, where the signature is generatedutilizing the private key of the device 386. The cloud system managingunit 382 receives the certificate signing request 406, validates thecertificate signing request 406, generates a signed certificate 408 whenthe certificate signing request 406 is validated, and outputs the signedcertificate 408 to the device 386. The validating includes one or moreof verifying that the UUID of the device 386 compares favorably to theaggregated configuration information 396 (e.g., the UUID is included inthe aggregated configuration information 396), verifying that thereceived public-key hash digest is substantially the same as apublic-key hash digest of the aggregated configuration information 396,and a signature of the certificate signing request 406 is valid. Thegenerating of the signed certificate 408 includes at least one ofsigning the certificate signing request 406 utilizing a private key ofthe cloud system managing unit 382 and appending a root certificateauthority signed certificate to the signed certificate. The device 386receives the signed certificate 408 and utilizes the signed certificate408 with regards to subsequent access scenarios with the cloud computingsystem (e.g., accessing other entities of the cloud computing system).

FIG. 41C is a flowchart illustrating an example of authenticating adevice. The method begins at step 410 where a processing module (e.g.,of a device) receives initialization information. The method continuesat step 412 where the processing module generates an authenticationrequest. The method continues at step 414 where the processing modulesends the authentication request to an authentication server. The methodcontinues at step 416 where the processing module receives anauthentication response from the authentication server. When theauthentication response from the authentication server is authenticated,the method continues at step 418 where the processing module generatesconfiguration information. The method continues at step 420 where theprocessing module sends the configuration information to theauthentication server.

The method continues at step 422 where the processing module receivesmanager information. The method continues at step 424 where theprocessing module generates a manager authentication request based onthe manager information. The method continues at step 426 where theprocessing module sends the manager authentication request to a cloudsystem managing unit. The method continues at step 428 where theprocessing module receives a manager authentication response. When themanager authentication response is authenticated, the method continuesat step 430 where the processing module generates a certificate signingrequest. The method continues at step 432 where the processing modulesends the certificate signing request to the cloud system managing unit.The method continues at step 434 where the processing module receives asigned certificate. The method continues at step 436 where theprocessing module utilizes the signed certificate in a subsequent cloudcomputing system access.

FIG. 41D is a schematic block diagram of another embodiment of a cloudcomputing system that includes a cloud system managing unit 382, a cloudsystem certificate authority 381, a plurality of certificate authorities383, a plurality of authentication servers 384, and a plurality of setsof devices 385. The cloud system managing unit 382 includes a processingmodule (PM) and one or more memory sections. The one or more memorysections of the cloud system managing unit 382 includes a first memorysection (1st MEM), a fourth memory section (4th MEM), a fifth memorysection (5th MEM), and a sixth memory section (6th MEM). Each memorysection may include one or more of read-only memory and random accessmemory. The memory section may be implemented utilizing one or morememory devices. Each memory device of the one or more memory devices maybe implemented utilizing one or more of solid-state memory, optical discmemory, and a magnetic disk memory. The cloud system managing unit 382may be implemented utilizing at least one of a server, a computer, adistributed storage (DS) managing unit, a distributed storage and tasknetwork (DSTN) managing unit, a DS processing unit, a distributedstorage and task (DST) processing unit, a DS integrity processing unit,and a DST integrity processing unit.

The cloud system certificate authority 381 includes the PM and a seventhmemory section (7th MEM). The cloud system certificate authority 381 maybe implemented utilizing at least one of a server, a computer, a DSmanaging unit, a DSTN managing unit, a DS processing unit, a DSTprocessing unit, a DS integrity processing unit, a DST integrityprocessing unit, and a certificate authority 383. Each certificateauthority 383 of the plurality of certificate authorities 383 includesthe PM and a seventh memory section (7th MEM). Each certificateauthority 383 may be implemented utilizing at least one of a server, acomputer, a DS managing unit, a DSTN managing unit, a DS processingunit, a DST processing unit, a DS integrity processing unit, a DSTintegrity processing unit, and the certificate authority 383. Eachauthentication server 384 of the plurality of authentication servers 384includes the PM, a second memory section (2nd MEM), a third memorysection (3rd MEM), and the fourth memory section (4th MEM). Eachauthentication server 384 may be implemented utilizing at least one of aserver, a computer, a DS managing unit, a DSTN managing unit, a DSprocessing unit, a DST processing unit, a DS integrity processing unit,a DST integrity processing unit, and the cloud system certificateauthority 381. Each set of devices 385 of the plurality of sets ofdevices 385 includes a plurality of devices 386. Each device 386 of theplurality of devices 386 includes the PM, the third memory section (3rdMEM), and the fifth memory section (5th MEM). Each device 386 may beimplemented utilizing at least one of a storage unit, a storage server,a memory unit, a user device, a computer, a DS unit, and a DST executionunit.

The cloud computing system functions to establish trust and configurethe cloud computing system based on established trust. In particular,the cloud computing system functions to establish trust between theplurality of authentication servers 384 and the plurality of sets ofdevices 385, establish trust between the plurality of authenticationservers 384 and the cloud system managing unit 382, establish trustbetween the cloud system managing unit 382 and the plurality of sets ofdevices 385, and configures the cloud computing system based onestablished trust between the cloud system managing unit 382 and theplurality of sets of devices 385.

A set of devices 385 of the plurality of sets of devices 385 includesone or more devices 386 having a common aspect. The common aspectincludes at least one of a vendor identifier, a device type identifier,a version identifier, a functionality identifier, and an assignedidentifier (e.g., a predetermined, random, assigned to one of thecertificate authorities 383, common manufacturing timeframe). Forexample, the one or more devices 386 were manufactured together in acommon manufacturing timeframe. An authentication server 384 of theplurality of authentication servers 384 is associated with one of theplurality of sets of devices 385 based on the common aspect. Forexample, the authentication server 384 is associated with the commonmanufacturing timeframe.

One certificate authority 383 of the plurality of certificateauthorities 383 is affiliated with a corresponding one of the pluralityof authentication servers 384 based on the common aspect. For example,the one certificate authority 383 is associated with the commonmanufacturing timeframe. The one certificate authority 383 of theplurality of certificate authorities 383 generates a unique device levelserver trusted certificate for the corresponding one of the plurality ofauthentication servers 384. The cloud system certificate authority 381generates a system level manager trusted certificate for the cloudsystem managing unit 382 and generates a unique system level servertrusted certificate for each of the plurality of authentication servers384.

In particular, cloud system certificate authority 381 and the pluralityof certificate authorities 383 includes a plurality of seventh memorysections. A seventh memory section of the plurality of seventh memorysections stores operational instructions that, when executed by the oneor more processing modules (e.g. of the cloud system certificateauthority 381, of a certificate authority 383), causes the one or moreprocessing modules to generate the unique device level server trustedcertificate for the corresponding one of the plurality of authenticationservers 384 based on the common aspect. Alternatively, or in additionto, the seventh memory section stores operational instructions that,when executed by the one or more processing modules, causes the one ormore processing modules to generate the system level manager trustedcertificate for the cloud system managing unit 382 and generate theunique system level server trusted certificates for each of theplurality of authentication servers 384.

The first memory section stores the system level manager trustedcertificate for the cloud system managing unit 382. The plurality ofauthentication servers 384 includes a plurality of second memorysections. A second memory section of the plurality of second memorysections stores the unique device level server trusted certificate andthe unique system level server trusted certificate for one of theplurality of authentication servers 384.

The plurality of authentication servers 384 and each device 386 of theplurality of sets of devices 385 includes a plurality of third memorysections. A third memory section of the plurality of third memorysections stores operational instructions that, when executed by one ormore processing modules (e.g., of the plurality of authenticationservers 384 and each device 386 of the plurality of sets of devices385), causes the one or more processing modules to establish trustbetween a corresponding one of the plurality of authentication servers384 and one or more devices 386 of one of a plurality of sets of devices385 based on the unique device level server trusted certificate of thecorresponding one of the plurality of authentication servers 384, wherea set of devices 385 of the plurality of sets of devices 385 includesthe one or more devices 386 having a common aspect.

The third memory section further stores operational instructions that,when executed by one or more processing modules, causes the one or moreprocessing modules to perform a series of server-device authenticationsteps. In a first server-device authentication step, the processingmodule of a device 386 of the one or more devices 386 sends anauthentication request to the corresponding one of the plurality ofauthentication servers 384, where the device 386 is programmed with theunique device level server trusted certificate of the corresponding oneof the plurality of authentication servers and where the authenticationrequest references the unique device level server trusted certificate.In a second server-device authentication step, the processing module ofthe corresponding one of the plurality of authentication servers 384generates an authentication response based on the authenticationrequest. In a third server-device authentication step, when theauthentication response is verified by the processing module of thedevice 386, the processing module of the device 386 sends deviceconfiguration information to the corresponding one of the plurality ofauthentication servers 384. In a fourth server-device authenticationstep, the processing module of the device 386 receives managerinformation regarding the cloud system managing unit 382 (e.g., the oneof the plurality of authentication servers 384 issues the managerinformation regarding the cloud system managing unit 382).

The cloud system managing unit 382 and the plurality of authenticationservers 384 includes a plurality of fourth memory sections. A fourthmemory section of the plurality of fourth memory sections storesoperational instructions that, when executed by the one or moreprocessing modules (e.g., of the cloud system managing unit 382 and theplurality of authentication servers 384), causes the one or moreprocessing modules to establish trust between the corresponding one ofthe plurality of authentication servers 384 and the cloud systemmanaging unit 382 based on at least one of the unique system levelserver trusted certificate and the system level manager trustedcertificate.

The cloud system managing unit 382 and each device 386 of the pluralityof sets of devices 385 includes a plurality of fifth memory sections. Afifth memory section of the plurality of fifth memory sections storesoperational instructions that, when executed by the one or moreprocessing modules (e.g., of the cloud system managing unit 382 and eachdevice 386), causes the one or more processing modules to establishtrust between the cloud system managing unit 382 and the one or moredevices 386 of one of the plurality of sets of devices 385 based on thetrust between the corresponding one of the plurality of authenticationservers 384 and the one or more devices 386 of the one of the pluralityof sets of devices 385 and the trust between the corresponding one ofthe plurality of authentication servers 384 and the cloud systemmanaging unit 382.

The fifth memory section further stores operational instructions that,when executed by one or more processing modules, causes the one or moreprocessing modules to perform a series of manager-device authenticationsteps. In a first manager-device authentication step, the processingmodule of the device 386 of the one or more devices 386 sends a managerauthentication request to the cloud system managing unit 382 based onthe manager information, where the manager authentication requestreferences the system level manager trusted certificate. In a secondmanager-device authentication step, the processing module of the cloudsystem managing unit 382 generates a manager authentication responsebased on the manager authentication request. In a third manager-deviceauthentication step, the processing module of the device 386 sends acertificate signing request to the cloud system managing unit 382. In afourth manager-device authentication step, the processing module of thecloud system managing unit 382 sends a signed certificate to the device386 in response to the certificate signing request. The cloud systemmanaging unit 382 includes the sixth memory section which storesoperational instructions that, when executed by one or more processingmodules (e.g., of the cloud system managing unit 382), causes the one ormore processing modules to configure a cloud computing system based onthe trust between the cloud system managing unit 382 and devices 386 ofthe plurality of sets of devices 385.

FIG. 41E is a schematic block diagram of another embodiment of a cloudcomputing system that includes a cloud system managing unit 382, a setup unit 438, a plurality of authentication servers 384, and a pluralityof sets of devices 385. The cloud system managing unit 382 includes aprocessing module (PM) and a memory (MEM). The memory may include one ormore of read-only memory and random access memory. The memory may beimplemented utilizing one or more memory devices. Each memory device ofthe one or more memory devices may be implemented utilizing one or moreof solid-state memory, optical disc memory, and a magnetic disk memory.The cloud system managing unit 382 may be implemented utilizing at leastone of a server, a computer, a distributed storage (DS) managing unit, adistributed storage and task network (DSTN) managing unit, a DSprocessing unit, a distributed storage and task (DST) processing unit, aDS integrity processing unit, and a DST integrity processing unit.

The set up unit 438 includes the PM and the MEM. The set up unit 438 maybe implemented utilizing one or more of a cloud system certificateauthority, a certificate authority, a server, a computer, a DS managingunit, a DSTN managing unit, a DS processing unit, a DST processing unit,a DS integrity processing unit, a DST integrity processing unit, thecloud system managing unit 382, one or more of the plurality ofauthentication servers 384, and one or more of the plurality of sets ofdevices 385. Each authentication server 384 of the plurality ofauthentication servers 384 includes the PM and the MEM. Eachauthentication server 384 may be implemented utilizing at least one of aserver, a computer, a DS managing unit, a DSTN managing unit, a DSprocessing unit, a DST processing unit, a DS integrity processing unit,and a DST integrity processing unit. Each set of devices 385 of theplurality of sets of devices 385 includes a plurality of devices 386.Each device 386 of the plurality of devices 386 includes the PM and theMEM. Each device 386 may be implemented utilizing at least one of astorage unit, a storage server, a memory unit, a user device, acomputer, a DS unit, and a DST execution unit.

The cloud computing system functions to establish trust and configurethe cloud computing system based on established trust. In particular,the cloud computing system functions to establish trust between theplurality of authentication servers 384 and the plurality of sets ofdevices 385, establish trust between the plurality of authenticationservers 384 and the cloud system managing unit 382, establish trustbetween the cloud system managing unit 382 and the plurality of sets ofdevices 385, and configures the cloud computing system based onestablished trust between the cloud system managing unit 382 and theplurality of sets of devices 385.

A set of devices 385 of the plurality of sets of devices 385 includesone or more devices 386 having a common aspect. The common aspectincludes at least one of a vendor identifier, a device type identifier,a version identifier, a functionality identifier, and an assignedidentifier (e.g., a predetermined, random, common manufacturingtimeframe). An authentication server 384 of the plurality ofauthentication servers 384 is associated with one of the plurality ofsets of devices 385 based on the common aspect.

Each authentication server 384 of the plurality of authenticationservers 384 is associated with a unique device level server trustedcertificate and is associated with a unique system level server trustedcertificate. The cloud system managing unit 382 is associated withanother system level manager trusted certificate. The memory of the setup unit 438 stores the system level manager trusted certificate of thecloud system managing unit 382, a unique device level server trustedcertificate for each of a plurality of authentication servers 384, and aunique system level server trusted certificate for each of the pluralityof authentication servers 384. The processing module of the set up unit438 may generate one or more certificates. The generating may includegenerating the unique device level server trusted certificate for acorresponding one of the plurality of authentication servers 384 basedon the common aspect, generating the system level manager trustedcertificate for the cloud system managing unit 382, and generating theunique system level server trusted certificates for each of theplurality of authentication servers 384.

The processing module of the set up unit 438 establishes trust byperforming a series of trust establishing steps. In a first trustestablishing step, the processing module establishes trust between thecorresponding one of the plurality of authentication servers 384 and oneor more devices 386 of one of the plurality of sets of devices 385 basedon the unique device level server trusted certificate of thecorresponding one of the plurality of authentication servers 384, wherea set of devices 385 of the plurality of sets of devices 385 includesone or more devices having a common aspect.

The processing module establishes trust between the corresponding one ofthe plurality of authentication servers 384 and one or more devices 386of one of the plurality of sets of devices 385 by a series ofserver-device authentication steps. In a first server-deviceauthentication step, the processing module causes a device 386 of theone or more devices 386 to send an authentication request to thecorresponding one of the plurality of authentication servers 384, wherethe device 386 is programmed with the unique device level server trustedcertificate of the corresponding one of the plurality of authenticationservers 384 and where the authentication request references the uniquedevice level server trusted certificate. In a second server-deviceauthentication step, the processing module causes the corresponding oneof the plurality of authentication servers 384 to generate anauthentication response based on the authentication request. In a thirdserver-device authentication step, the processing module causes, whenthe authentication response is verified, the device 386 to send deviceconfiguration information to the corresponding one of the plurality ofauthentication servers 384. In a fourth server-device authenticationstep, the processing module causes the device 386 to receive managerinformation regarding the cloud system managing unit 382 (e.g., includescausing the one of the plurality of authentication servers 384 to issuethe manager information to the device 386).

In a second trust establishing step, the processing module establishestrust between the corresponding one of the plurality of authenticationservers 384 and the cloud system managing unit 382 based on at least oneof the unique system level server trusted certificate and the systemlevel manager trusted certificate. For example, the processing modulecauses the corresponding one of the plurality of authentication servers384 to verify trust with the cloud system managing unit 382. As anotherexample, the processing module causes the cloud system managing unit 382to verify trust with the corresponding one of the plurality ofauthentication servers 384.

In a third trust establishing step, the processing module establishestrust between the cloud system managing unit 382 and the one or moredevices 386 of the one of the plurality of sets of devices 385 based onthe trust between the corresponding one of the plurality ofauthentication servers 384 and the one or more devices 386 of the one ofthe plurality of sets of devices 385 and the trust between thecorresponding one of the plurality of authentication servers 384 and thecloud system managing unit 382. The processing module establishes trustbetween the cloud system managing unit 382 and the one or more devices386 of the one of the plurality of sets of devices 385 by a series ofmanager-device authentication steps. In a first manager-deviceauthentication step, the processing module causes the device 386 of theone or more devices 386 to send a manager authentication request to thecloud system managing unit based on the manager information, where themanager authentication request references the system level managertrusted certificate. In a second manager-device authentication step, theprocessing module causes the cloud system managing unit 382 to generatea manager authentication response based on the manager authenticationrequest (e.g., generating includes sending the manager authenticationresponse to the device 386). In a third manager-device authenticationstep, the processing module causes the device 386 to send a certificatesigning request to the cloud system managing unit 382. In a fourthmanager-device authentication step, the processing module causes thecloud system managing unit 382 to send a signed certificate to thedevice in response to the certificate signing request. When the trusthas been established, the processing module configures the cloudcomputing system based on the trust between the cloud system managingunit 382 and devices 386 of the plurality of sets of devices 385.

FIG. 42A is a schematic block diagram of another embodiment of adistributed computing system that includes a user device 14, a loadbalancer 440, a plurality of distributed storage and task (DST)processing units 16, and a distributed storage and task network (DSTN)module 22. Alternatively, one or more dispersed storage (DS) processingunits may substitute for one or more DST processing units 16. Furtheralternatively, a dispersed storage network (DSN) memory may substitutefor the DSTN module 22. The user device 14 is operable to generate andsend a data access request 442 to the load balancer 440 to facilitateaccessing data stored as a plurality of sets of encoded data slices inthe DSTN module 22. The data access request 442 includes at least one ofa data identifier (ID), data, a requesting entity ID (e.g., associatedwith the user device 14), and a preferred DST processing unit ID. Theload balancer 440 is operable to receive the data access request 442,identify a DST processing unit 16 of the plurality of DST processingunits 16 based on the data access request 442, and forward the dataaccess request 442 to the identified DST processing unit 16. Theidentifying includes identifying a DST processing unit identifier (ID)of the DST processing unit based on one or more of a requesting entityID, a data ID, a DST processing unit performance indicator, a cacheddata indicator, and affiliation information. The affiliation informationincludes a list of associations between one or more of the requestingentity ID, the data ID, and the DST processing unit ID. For example, thelist includes an association between a second DST processing unit and adata ID of 457.

The DST processing unit 16 is operable to receive the data accessrequest 442 and process the request. The processing the request includesgenerating a data access response 444 when data affiliated with the dataaccess request 442 is available in a cache memory of the DST processingunit 16. The processing the request further includes generating aplurality of sets of slice access requests 443 and sending the pluralityof sets of slice access requests 443 to the DSTN module 22 when the dataaffiliated with the data access request 442 is not available in thecache memory of the DST processing unit 16. The DSTN module 22 isoperable to receive the plurality of sets of slice access requests 443,access the plurality of sets of encoded data slices based on theplurality of sets of slice access requests 443, generate one or moreslice access responses 445, and output the one or more slice accessresponses 445 to the DST processing unit 16. The DST processing unit 16is further operable to receive the one or more slice access responses445, further process the one or more slice access responses 445 togenerate at least one of a response indicator and data, generate a dataaccess response 444 that includes at least one of the response indicatorand the data, and to send the data access response 444 to the userdevice 14. The sending of the data access response 444 includesoutputting the data access response 444 directly to the user device 14and sending the data access response 444 to the user device 14 via theload balancer 440.

The DST processing unit 16 is further operable to modify the affiliationinformation based on one or more of a DST processing unit performancelevel, a request, and a predetermination. For example, the DSTprocessing unit modifies the affiliation information to disassociate anunfavorably performing DST processing unit from a affiliation (e.g., toa data ID) and to associate a more favorably performing DST processingunit in the affiliation. The DST processing unit 16 is further operableto update the cached data indicator based on a status of cached datawithin the DST processing unit 16. The updating includes indicating thatdata is included when data is stored in the cache memory of the DSTprocessing unit 16 and indicating that data is excluded when the data isdeleted from the cache memory. The indicating includes generating andsending the cached data indicator to at least one of the load balancerand at least one other DST processing unit 16.

FIG. 42B is a flowchart illustrating an example of load-balancing. Themethod begins at step 446 where a processing module (e.g., of adistributed storage and task (DST) client module of a load balancer)receives a data access request. The method continues at step 448 wherethe processing module identifies a distributed storage and task network(DSTN) address associated with the data access request. The identifyingincludes at least one of accessing a DSTN directory, accessing a DSTNindex, and generating the DSTN address based on the data ID. The DSTNaddress includes at least one of a source name and a plurality of setsof slice names. The processing module may generate a null address whenthe data access request is to store new data.

The method continues at step 450 where the processing module selects aDST processing unit based on the DSTN address and affiliationinformation. The selecting includes at least one of identifying a DSTprocessing unit affiliated with the DSTN address when a DSTN address isnot null and assigning a DST processing unit when the DSTN address isnull. For example, the processing module assigns a DST processing unit16 based on a requesting entity ID when the DSTN address is null. Asanother example, the processing module selects DST processing unit 16when affiliation information indicates that DST processing unit 16 isaffiliated with a data address of the request.

The method continues at step 452 where the processing module forwardsthe data access request to the selected DST processing unit. The methodcontinues at step 454 where the processing module obtains affiliationinformation. The obtaining includes at least one of generating theaffiliation data based on a pattern of requests and retrieving the fleetshould data from one or more DST system units. For example, theprocessing module generates the affiliation data to affiliate DSTprocessing unit 16 with data ID of 457 when a previous access request todata of data ID of 457 has favorably utilized a DST processing unit 16.The method continues at step 456 where the processing module updates theaffiliation information based on the affiliation data. The updatingincludes at least one of adding new affiliations for new data stored incache memory for current requesting entities or current data stored incache memory for new requesting entities and deleting old affiliationswhen data is deleted from a cache memory of a DST processing unit.

FIG. 43A is a schematic block diagram of another embodiment of adistributed computing system. The system includes a network 24 and adistributed storage and task network (DSTN) module 22. Alternatively, adispersed storage network (DSN) memory may be substituted for the DSTNmodule 22. The DSTN module 22 includes a plurality of concentric storagepools 458-462. For example, a national storage pool 458 includes aregional storage pool 460 and a local storage pool 462, and the regionalstorage pool 460 includes the local storage pool 462. Each storage poolof the plurality of concentric storage pools 458-462 includes a set ofdistributed storage and task (DST) execution modules 36 utilized toaccess at least one set of slices (e.g., including the encoded dataslices, error coded slices, and data slices). Alternatively, one or moredispersed storage (DS) units may substitute for one or more DSTexecution units 36. Each storage pool of the plurality of concentricstorage pools 458-462 is operably coupled via the network 24 to theplurality of concentric storage pools 458-462 to facilitate migratingslices from one storage pool to another. The migrating of slices mayenable a more favorable match of a slice storage performance requirementand an actual slice storage performance level when at least one storagepool of the plurality of concentric storage pools 458-462 is associatedwith an actual slice storage performance level that is different (e.g.,more favorable) than an actual slice storage performance levelassociated with at least one other storage pool.

Each storage pool may be associated with a target slice storageperformance level, where the target slice storage performance levelincludes one or more of an access latency level, an access bandwidthlevel, a cost level, a storage capacity level, a geographic affiliation,a security level, and an availability level. For example, the localstorage pool 462 may be associated with active storage requiring atarget slice performance level that includes a lowest access latencyperformance level and an average reliability level. As another example,the national storage pool 458 may be associated with inactive storagerequiring a target slice performance level that includes allowing ahighest access latency performance level while mandating a highestreliability level. As yet another example, the regional storage pool 460may be associated with near line storage requiring a target sliceperformance level including an average access latency performance leveland an average reliability level.

A set of slices may be accessed in at least one storage pool of theplurality of concentric storage pools 458-462. For example, a set ofslices are generated and initially stored in the plurality of DSTexecution units 36 of the local storage pool 462 such that frequentaccessing of a set of slices may benefit from a storage performancelevel associated with the local storage pool. As time goes on a storagerequirement may change. For example, a frequency of access requirementmay lower as time goes on. When the requirement changes, the set ofslices may be transferred to a storage pool in line with a loweredfrequency of access requirement. For example, the set of slices aretransferred from the local storage pool 462 to the regional storage pool460. As more time goes on, a similar process may repeat such that theset of slices are transferred from the regional storage pool 460 to thenational storage pool 458. A similar process is utilized in a reversedirection. For example, the set of slices may be transferred from thenational storage pool 458 to the regional storage pool 460 when thefrequency of access requirement increases. As more time goes on, the setof slices may be transferred from the regional storage pool 460 to thelocal storage pool 462 as the frequency of access requirement furtherincreases.

Resources associated with a storage pool contained within anotherstorage pool may be utilized for storage of slices with the storagepool. For example, any of the DST execution units 36 of the localstorage pool 462 may be utilized in addition to DST execution units 36associated with the regional storage pool 460 (e.g., and not thenational storage pool 458) when storing a set of slices in the regionalstorage pool 460. Resources may be associated with multiple storagepools based on multiple associations. For example, a plurality of DSTexecution units 36 associated with a first local storage pool 462 mayalso be associated with a second local storage pool 462. As anotherexample, a plurality of DST execution units 36 associated with aregional storage pool 460 and a second local storage pool 462 may not beassociated with the first local storage pool 462.

FIG. 43B is a flowchart illustrating an example of writing data. Themethod begins at step 464 where a processing module (e.g., of adistributed storage and task (DST) client module) receives data forstorage. The receiving may include receiving one or more of the data, adata identifier (ID), and a requesting entity ID. The method continuesat step 466 where the processing module stores the data as a pluralityof sets of encoded data slices in an affiliated local storage pool ofdistributed storage and task (DST) execution units. The storing includesencoding the data utilizing a dispersed storage error coding function inaccordance with dispersed storage error coding function parametersassociated with the local storage pool to produce the plurality of setsof encoded data slices, generating a plurality of sets of slice namesassociated with the plurality of sets of encoded data slices, generatinga plurality of sets of write slice requests that includes the pluralityof sets of encoded data slices and the plurality of sets of slice names,identifying a set of DST execution units of the local storage pool,initializing a frequency of access indicator corresponding to the dataID (e.g., a timestamp, a number of accesses=1), and outputting theplurality of sets of write slice requests to the identified set of DSTexecution units where each DST execution unit of the identified set ofDST execution units stores one or more encoded data slices of theplurality of sets of encoded data slices.

When no modifications have been received for the data within a timeperiod, the method continues at step 468 where the processing modulestores the data as another plurality of sets of encoded data slices inan affiliated next level storage pool of DST execution units. Theprocessing module may indicate that no modifications have been receivedfor the data within the time period when a real-time clock is greaterthan a timestamp of the frequency of access indicator corresponding tothe data ID by a time period threshold. The storing the data includes atleast one of generating and storing the other plurality of sets ofencoded data slices and retrieving the plurality of sets of encoded dataslices from the local storage pool and storing the plurality of sets ofencoded data slices in the next level storage pool.

The generating and storing the other plurality of sets of encoded dataslices includes obtaining the data, encoding the data utilizing thedispersed storage error coding function in accordance with dispersedstorage error coding function parameters of the next level storage poolto produce the other plurality of sets of encoded data slices, selectinga set of DST execution units of the next level storage pool, andoutputting the other plurality of sets of encoded data slices toselected set of DST execution units of the next level storage pool. Theobtaining includes retrieving the plurality of sets of encoded dataslices from the local storage pool and decoding the plurality of sets ofencoded data slices utilizing the dispersed storage error codingfunction in accordance with the dispersed storage error codingparameters of the local storage pool to reproduce the data.

The method continues at step 470 where the processing module determineswhether to delete the data from a storage pool. The determination may bebased on one or more of a storage pool identifier associated withstorage of the data, a storage pool level (e.g., never delete from thenational storage pool when utilizing the national storage pool as along-term reliable backup), a value of the frequency of accessindicator, a current timestamp, a storage pool memory utilization level,a time threshold, a storage pool memory utilization threshold, and acost of storage estimate. For example, the processing module indicatesto delete the data from the local storage pool when the frequency ofaccess indicator indicates that a time period since a last data accessis greater than a time threshold. The method loops back to at least oneof steps 464, 468, and 470 when the processing module determines not todelete the data from the storage pool. For example, the method loopsback to step 464 when new data has been received, loops back to step 468when no new data has been received, and loops back to step 470 when amemory capacity indicator compares unfavorably to a low memory capacitythreshold level. The method continues to step 472 when the processingmodule determines to delete the data from storage pool. The methodcontinues at step 472 where the processing module deletes the data fromstorage pool. The deleting includes one or more of verifying that thedata is currently stored in another higher-level storage pool andrequesting deletion of the data from the storage pool when the data isverified to be stored in the other higher-level storage pool.

FIG. 43C is a flowchart illustrating an example of reading data. Themethod begins at step 474 where a processing module (e.g., of adistributed storage and task (DST) client module) receives a dataretrieval request. The receiving includes receiving one or more of arequesting entity identifier (ID), a data ID, a mandatory storage poolID, and a preferred storage pool ID. The method continues at step 476where the processing module determines whether the data is availablefrom an affiliated local storage pool. The determining may be based onat least one of outputting a read request, outputting a list request,outputting a list digest request, accessing a list, and receiving aresponse. The method branches to step 480 when the processing moduledetermines that the data is not available from the affiliated localstorage pool. The method continues to step 478 when the processingmodule determines that the data is available from the affiliated localstorage pool.

The method continues at step 478 where the processing module retrievesthe data from the affiliated local storage pool. The retrieving includesgenerating a plurality of sets of read slice requests that include aplurality of sets of slice names associated with the data, outputtingthe plurality of sets of read slice requests to a set of DST executionunits of the affiliated local storage pool, receiving a plurality of atleast a decode threshold number of encoded data slices, and decoding theplurality of the at least the decode threshold number of encoded dataslices to reproduce the data. The method branches to step 484.

The method continues at step 480 where the processing module retrievesthe data from another storage pool when the data is not available fromthe affiliated local storage pool. The retrieving includes identifyingthe other storage pool, retrieving the plurality of sets of encoded dataslices, and decoding the plurality of sets of encoded data slices toreproduce the data. The identifying may be based on at least one ofaccessing a data to storage pool identifier list, sending a readrequest, sending a list request, sending a list digest request, andreceiving a response. For example, the processing module identifies ahigher-level storage pool that includes the data, retrieves the slices,and decodes the slices to reproduce the data. The method continues atstep 482 where the processing module stores the data in the affiliatedlocal storage pool (e.g., since frequency of access has increased). Thestoring includes storing the plurality of sets of encoded data slices inthe affiliated local storage pool and re-encoding the data to produce asecond plurality of encoded data slices for storage in the affiliatedlocal storage pool. The method continues at step 484 where theprocessing module sends the data to the requesting entity.

FIG. 44 is a flowchart illustrating an example of storing a slice, Themethod begins at step 486 where a processing module (e.g., of adistributed storage and task (DST) client module) receives a distributedstorage and task network (DSTN) test request. Alternatively, theprocessing module receives a dispersed storage network (DSN) testrequest. The receiving includes at least one of detecting an errorcondition, receiving an error message, receiving a test request from arequesting entity, receiving a number of source names to test, receivinga number of slices to test, and receiving a test type indicator. Themethod continues at step 488 where the processor module generates aplurality of source names. The generating includes determining a numberof source names to generate as “s” and generating source names inaccordance with the number to generate. The processing module maydetermine the number of source names to generate based on at least oneof the test request, a predetermination, a number generated in aprevious test, a number remaining from a previous suspended test, and arandom number. For example, the processing module generates theplurality of source names in accordance with a formula of: sourcename=hash (i), where i is a prime number from 1 to s.

For each source name, the method continues at step 490 where theprocessing module deterministically generates a data object based on thesource name. For example, the processing module generates the dataobject in accordance with a formula of: data object i=data object iappended with hash (n appended with i), for n=1 to j, where j is anumber of desired bytes. For each source name, the method continues atstep 492 where the processing module generates a plurality of sets ofencoded data slices from a corresponding data object (e.g.,corresponding to the source name). For example, the processing moduleencodes the corresponding data object utilizing a dispersed storageerror coding function to produce the plurality of sets of encoded dataslices. For each source name, the method continues at step 494 where theprocessing module generates a plurality of sets of write slice requeststhat includes a plurality of sets of slice names corresponding to thesource name and a corresponding plurality of sets of encoded dataslices. The generating includes transforming the corresponding sourcename into the plurality of sets of slice names based on a vaultidentifier (ID) and dispersed storage error coding function parametersassociated with the test.

For each source name, the method continues at step 496 where theprocessing module sends the plurality of sets of write slice requests toa DSTN module, or DSN memory, to facilitate storing the correspondingplurality of sets of encoded data slices. The method continues at step498 where the processing module determines a number of data objects totest. The determining may be based on at least one of a last test, apredetermination, and the test request. The method continues at step 500where the processing module generates read slice requests for the numberof objects to test. The generating includes generating a source name foreach of the data objects to test and generating a plurality of sets ofread slice requests for each source name, wherein each read slicerequest includes a slice name corresponding to a corresponding sourcename. The generating of each source name may be in accordance with aformula of: source name=hash (ĝa mod p), a=1 to p−1 for the number ofdata objects to test, g is a primitive root polynomial, p is a prime,and g and p are related such that for every number “a” between 1 and(p−1), there is some integer exponent (e) such that ĝe mod p=a. Thegenerating of each source name further includes identifying the valuesof a and p associated with the read test to reduce subsequent retestingof a same range of source names. The generating of each source namefurther includes excluding values of a and p associated with sourcenames of data objects that have been deleted in a previous test.

The method continues at step 502 where the processing module retrievesdata objects utilizing the read slice requests. The retrieving includesoutputting the read slice requests to the DSTN module, receiving slices,and decoding slices to reproduce the data objects. For each retrieveddata object, the method continues at step 504 where the processingmodule generates read verification information. The generating includescomparing the retrieved data object to a regenerated data objectcorresponding to the retrieved data object (e.g., regenerated inaccordance with the a formula of: data object i=data object i appendedwith hash (n appended with i), for n=1 to j, where j is a number ofdesired bytes). The generating further includes indicating that the dataobject is verified when the retrieved data object is substantially thesame as the regenerated data object.

The method continues at step 506 where the processing module determinesa number of data objects to delete. The determining may be based on atleast one of a last test, a predetermination, and the test request. Themethod continues at step 508 where the processing module generatesdelete slice requests for the number of data objects to delete. Thegenerating includes generating a source name for each of the dataobjects to delete and generating a plurality of sets of delete slicerequests for each source name, where each delete slice request includesa slice name corresponding to a corresponding source name. Thegenerating of each source name may be in accordance with a formula of:source name=hash (ĝa mod p), a=1 to p−1 for the number of data objectsto delete, g is a primitive root polynomial, p is a prime, and g and pare related such that for every number “a” between 1 and (p−1), there issome integer exponent (e) such that ĝe mod p=a. The generating of eachsource name further includes identifying the values of a and passociated with the deleting to reduce subsequent reading of a samerange of source names. The generating of each source name furtherincludes excluding values of a and p associated with source names ofdata objects that have been deleted in a previous test.

The method continues at step 510 where the processing module outputs thedelete slice requests to the DSTN module. The method continues at step512 where the processing module receives delete slice responses. Eachresponse of the responses includes an indicator indicating whether anassociated delete operation was favorably executed. For each deleteslice response, the method continues at step 514 where the processingmodule generates delete verification information. The generatingincludes one or more of indicating which slices were successfullydeleted, indicating which slices were not successfully deleted,indicating a number of successfully deleted slices, and indicating anumber of unsuccessfully deleted slices.

FIG. 45A is a schematic block diagram of an embodiment of a storage unitthat includes a computing device 516. The storage unit may beimplemented utilizing at least one of a storage unit, a storage server,a memory unit, a user device, a computer, a computing array, adistributed computing computer, a dispersed storage (DS) unit, and adistributed storage and task (DST) execution unit. The computing device516 includes a dispersed storage module 520 and a memory 522. The memorymay include one or more of read-only memory and random access memory.The memory may be implemented utilizing one or more memory devices. Eachmemory device of the one or more memory devices may be implementedutilizing one or more of solid-state memory, optical disc memory, and amagnetic disk memory. The DS module 520 includes a receive module 524, adetermine version module 526, a determine write authority module 528,and a storage module 530.

The storage unit functions to receive a write request 532 for storing adata object 534, determine whether the data object 534 is a new dataobject 536 or a revised version 538 of an existing data object,determine a write authority 544, and process the write request 532 forstoring the data object 534 in accordance with the write authority 544.The data object 534 may include an encoded data slice of a set ofencoded data slices, where a data segment is encoded using a dispersedstorage error encoding function to produce the set of encoded dataslices.

With regards to receiving the write request 532 for storing the dataobject 534, the receive module 524 receives, from a requesting entity518 (e.g., a DS processing unit, another storage unit associated withthe storage unit), the write request 532 for storing the data object534, where the write request includes updated access control list (ACL)information 540 regarding the data object 534 and a name 542 identifyingthe data object 534. The write request may further include one or moreof an identifier of the requesting entity 518 and a signed certificate.

With regards to determining whether the data object 534 is the new dataobject 536 or the revised version 538 of the existing data object, thedetermine version module 526 determines whether the data object 534 isthe new data object 536 or the revised version 538 of the existing dataobject. The determine version module 526 determines whether the dataobject 534 is the new data object 536 or the revised version 538 of theexisting data object by interpreting a revision number field of the name542. The determine version number 526 may output a version 546 toindicate whether the data object 534 is the new data object 536 or therevised version 538 of the existing data object. For example, thedetermine version module 526 outputs the version 546 to indicate thatthe data object 534 is the new data object 536 when the revision numberfield indicates a first revision number.

With regards to determining the write authority 544, the determine writeauthority module 528 determines the write authority 544 of therequesting entity 518 based on information contained in a locally storedACL 548 (e.g., permissions retrieved from the memory 522 with regards towhich types of requests the identity of the requesting entity 518 isallowed to perform), where the write authority 544 includes, at leastone of, authorization to issue a write request for the new data object536, authorization to issue a write request for the revised version 538of the existing data object, and authorization to issue updated ACLinformation 540 regarding the new data object 536 or the revised version538 of the existing data object.

The write authority 544 may further include a range of permissiblerevisions for the revised version 538 of the existing data object. Forexample, the requesting entity 518 is authorized to store revisedversions 538 within a range of revisions 1-10 and update the ACLinformation 548 for the same range. The determine write authority module528 may further determine the write authority 544 to include anindicator that indicates whether a revision number of the revisedversion 538 of the existing data object is within the range ofpermissible revisions.

When the write request 532 is regarding the new data object 536 (e.g.,as indicated by version 546), the determine write authority module 528may further determine that the requesting entity is authorized to issuethe write request for the new data object 536 and to issue the updatedACL information 540 regarding the new data object 536. The determinewrite authority module 528 determines that the requesting entity 518 isauthorized to issue the write request 532 for the new data object 536and to issue the updated ACL information 540 regarding the new dataobject 536 by extracting the signed certificate from the write request532 and verifying the signed certificate to establish authorization(e.g., generate the write authority 544) to issue the write request 532for the new data object 536 and to issue the updated ACL information 540regarding the new data object 536. The write authority generates thewrite authority 544 to include an indicator that indicates that therequesting entity is authorized to issue the write request for the newdata object 536 and to issue the updated ACL information 540 regardingthe new data object 536 when the determine write authority module 528determines that the requesting entity is authorized to issue the writerequest for the new data object 536 and to issue the updated ACLinformation 540 regarding the new data object 536.

With regards to processing the write request 532 for storing the dataobject 534 in accordance with the write authority 544, when the writerequest 532 is regarding the revised version 538 of the existing dataobject and the write authority 544 includes the authority to issue thewrite request for the revised version 538 of the existing data objectand authorization to issue updated ACL information regarding the revisedversion of the existing data object, the storage module 530 stores therevised version 538 of the existing data object in the memory 522 andupdates the access control list 548 in the memory 522 based on theupdated ACL information 540. The updating includes at least one ofappending and replacing. When the write request 532 is regarding therevised version 538 of the existing data object and the write authority544 does not include the authority to issue the write request for therevised version of the existing data object, the storage module 530sends the write request rejection message 550 to the requesting entity518.

When the revision number is within the range of permissible revisions,as indicated by the write authority 544, the storage module 530 storesthe revised version 538 of the existing data object in the memory 522and updates the access control list 548 in the memory 522 based on theupdated ACL information 540. When the revision number is not within therange of permissible revisions, the storage module 530 denies the writerequest (e.g., no storage, issue an error message, output a writerequest rejection message 550 to the requesting entity 518).

When the write request 532 is regarding the new data object 536 and whenthe write authority 544 indicates that that the requesting entity 518 isauthorized to issue the write request 532 for the new data object 536and to issue the updated ACL information 540 regarding the new dataobject 536, the storage module 530 stores the new data object 536 in thememory 522 and updates the access control list 548 in the memory 522based on the updated ACL information 540 regarding the new data object536.

When the write request 532 is regarding the revised version 538 of theexisting data object and the write authority 544 includes the authorityto issue the write request for the revised version 538 of the existingdata object but not the authorization to issue updated ACL information540 regarding the revised version 538 of the existing data object, thestorage module 530 stores the revised version 538 of the existing dataobject in the memory 522 and accesses a trusted source (e.g., a managingunit, a security server, another storage unit, a DS processing unit,etc). The accessing is with regards to authenticating the requestingentity's authority to issue the updated ACL information 540 regardingthe revised version 538 of the existing data object or obtaining theupdated ACL information 540 regarding the revised version 538 of theexisting data object. The storage module 530 updates the ACL information548 in the memory 522 using the updated ACL information 540 when theaccessing the trusted source indicates that the requesting entity hasauthority to issue the updated ACL information 540. Alternatively, thestorage module 530 updates the ACL information 548 in the memory 522using updated ACL information 540 obtained from the trusted source whenobtaining the updated ACL information 540 from the trusted source.

FIG. 45B is a flowchart illustrating an example of storing a slice. Themethod begins at step 552 where a processing module (e.g., of a storageunit) receives, from a requesting entity, a write request for storing adata object, where the write request includes updated access controllist (ACL) information regarding the data object and a name identifyingthe data object. The data object includes an encoded data slice of a setof encoded data slices, where a data segment is encoded using adispersed storage error encoding function to produce the set of encodeddata slices. The method continues at step 554 where the processingmodule determines whether the data object is a new data object or arevised version of an existing data object. The determining whether thedata object is the new data object or the revised version of theexisting data object includes interpreting a revision number field ofthe name.

The method continues at step 556 where the processing module determineswrite authority of the requesting entity based on information containedin a locally stored access control list. The write authority includes atleast one of authorization to issue a write request for the new dataobject, authorization to issue a write request for the revised versionof the existing data object, and authorization to issue updated ACLinformation regarding the new data object or the revised version of theexisting data object. The write authority may include a range ofpermissible revisions for the revised version of the existing dataobject.

When the write request is regarding the revised version of the existingdata object and the write authority includes the authority to issue thewrite request for the revised version of the existing data object andauthorization to issue updated ACL information regarding the revisedversion of the existing data object, the method continues at step 558where the processing module determines whether a revision number of therevised version of the existing data object is within the range ofpermissible revisions. Alternatively, when not checking a revisionnumber, the method branches to step 562. When the revision number iswithin the range of permissible revisions, the method branches to step562. When the revision number is not within the range of permissiblerevisions, the method continues to step 560. When the revision number isnot within the range of permissible revisions, the method continues atstep 560 where the processing module denies the write request. Thedenying of the write request includes sending a write request rejectionmessage to the requesting entity to deny the request. When the writerequest is regarding the revised version of the existing data object andthe write authority does not include the authority to issue the writerequest for the revised version of the existing data object, the methodcontinues at step 560 to deny the request.

When the revision number is within the range of permissible revisions,the method continues at step 562 where the processing module stores therevised version of the existing data object (e.g., in a local memory).The method continues at step 564 where the processing module updates anaccess control list based on the updated ACL information (e.g.,overwrites the access control list with the updated ACL information inthe local memory).

When the write request is regarding the new data object, the methodcontinues at step 566 where the processing module determines that therequesting entity is authorized to issue the write request for the newdata object and to issue the updated ACL information regarding the newdata object. The determining that the requesting entity is authorized toissue the write request for the new data object and to issue the updatedACL information regarding the new data object includes extracting asigned certificate from the write request and verifying the signedcertificate to establish authorization to issue the write request forthe new data object and to issue the updated ACL information regardingthe new data object. When fully authorized, the method continues at step568 where the processing module stores the new data object. The methodcontinues at step 570 where the processing module updates the accesscontrol list based on the updated ACL information regarding the new dataobject.

When the write request is regarding the revised version of the existingdata object and the write authority includes the authority to issue thewrite request for the revised version of the existing data object butnot the authorization to issue updated ACL information regarding therevised version of the existing data object, the method continues atstep 572 where the processing module stores the revised version of theexisting data object. The method continues at step 574 where theprocessing module accesses a trusted source regarding authenticating therequesting entity's authority to issue the updated ACL informationregarding the revised version of the existing data object or obtainingthe updated ACL information regarding the revised version of theexisting data object.

The method continues at step 576 where the processing module updates theaccess control list in accordance with the accessing of the trustedsource. For example, the processing module utilizes updated ACLinformation from the requesting entity to update the access control listwhen the trusted source indicates that the requesting entity hasauthority to issue the updated ACL information regarding the revisedversion of the existing data object. As another example, the processingmodule utilizes updated ACL information obtained from the trusted sourceto update the access control list.

FIG. 45C is a flowchart illustrating an example of retrieving a slice.The method begins at step 578 where a processing module (e.g., of astorage unit) receives a read slice request from a requesting entitythat includes a slice name. The method continues at step 580 where theprocessing module retrieves most recent stored ACL informationcorresponding to the slice name. For each revision of the slice, themethod continues at step 582 where the processing module determineswhether the requesting entity is authorized to read a slice of therevision based on the most recent stored ACL information. For example,the processing module verifies access permissions of the requestingentity with the ACL information for the slice revision. For eachrevision of the slice, when authorized, the method continues at step 584where the processing module returns the slice of the revision to therequesting entity. The returning includes generating a read sliceresponse that includes or more of the slice, the revision number, and afavorable great response indicator. The returning further includessending the read slice response to the requesting entity.

FIG. 46A is a diagram illustrating an example of an access control list(ACL) structure 586 that includes a realm universally unique identifier(UUID) field 588, a login name field 590, a subject distinguished namefield 592, a permissions field 594, a signer identifier (ID) field 596,and a signature field 598. The realm UUID field 588 includes a realmUUID entry of a plurality of realm UUIDs associated with at least one ofa distributed storage and task network (DSTN) and a dispersed storagenetwork (DSN). For example, a realm entry includes www.cleversafe.com.The login name field 590 includes a login name entry corresponding to anidentifier of an entity associated with permissions of the ACL. Theentity includes at least one of a module, a device, a unit, and a user.The subject distinguished name field 592 includes a subjectdistinguished name entry of a pathname of a directory and/or indexuniquely identifying a directory entry. For example, a distinguishedname entry includes www.cleversafe.com/DSTN/media/example.jpg. Thepermissions field 594 includes at least one permissions entry, where theat least one permissions entry identifies allowed operations andun-allowed operations corresponding to the other entries of the ACL 586.For example, a permissions entry identifies an allowed read operationand not allowing a write operation. The signer ID field 596 includes asigner ID entry, where the signer ID entry corresponds to an entity thatsigns the ACL 586 to produce a signature entry of the signature field598. The signature field 598 includes the signature entry, where thesignature entry includes a signature over the ACL 586 to enablesubsequent verification of the ACL 586.

FIG. 46B is a diagram illustrating an example of a registry structure600 that includes a distributed storage and task network (DSTN)sub-registry 602, one or more vault sub-registries 604, and one or morestorage pool sub-registries 606. The registry structure 600 maycorrespond to at least one of a DSTN and a dispersed storage network(DSN). Each of the DSTN sub-registry 602, the one or more vaultsub-registries 604, and the one or more storage pool sub-registriesinclude one or more access control lists (ACLs) 586. Alternatively, theDSTN sub-registry 602 may correspond to a dispersed storage network(DSN) sub-registry when the registry 600 corresponds to the DSN.

The registry 600 may be utilized to authorize access requests within atleast one of the DSTN and the DSN. At least one of the DSTN sub-registry602, the one or more vault sub-registries 604, and the one or morestorage pool sub-registries 606 may be utilized when authorizing a DSTNaccess request based on one or more of a requesting entity identifier(ID) associated with the DSTN access request and an access type of theDSTN access request. Utilizing the registry 600 includes identifying theregistry 600 and utilizing at least one ACL 586 of the registry 600 toauthorize the DSTN access request. For example, the DSTN sub-registry600 to is identified to authorize a DSTN level access request. The DSTNlevel access request includes at least one of a create vault request, adelete vault request, a create storage pool request, a delete storagepool request, a create realm request, and a delete realm request.Utilizing the at least one ACL 586 includes identifying the at least oneACL 586 based on the requesting entity ID, retrieving the at least oneACL 586, and determining whether the DSTN access request is authorizedbased on one or more permissions of the ACL 586. As another example, thevault sub-registry 604 is identified to authorize a vault level accessrequest. The vault level access request includes at least one of adelete object request, an add object request, a modify object request,and a modify permissions request. As another example, the storage poolsub-registry 606 is identified to authorize a storage pool level accessrequest. The storage pool level access request includes a modify storagepool request. Methods of generating and utilizing the registry 600 arediscussed in greater detail with reference to FIGS. 46C-D.

FIG. 46C is a flowchart illustrating an example of generating an accesscontrol list (ACL). The method begins at step 608 where a processingmodule (e.g., of a distributed storage and task (DST) client module)determines a permissions type based on at least one of a request, apredetermination, and a requesting entity. The method continues at step610 where the processing module generates an updated and/or new ACL. Thegenerating includes generating a realm universally unique identifier(UUID) entry for a realm UUID field, generating a login name entry for alogin name field that includes an identifier of the entity of the ACL,generating a subject distinguished name entry of a subject distinguishedname field corresponding to an object stored in a distributed storageand task network (DSTN), generating permissions for the permissions typebased on a permissions authorization input (e.g., an authorizedactivity, an un-authorized activity), generating a signer identifier(ID) entry for a signer ID field corresponding to the processing module,and generating a signature entry for a signature field, where thesignature is generated over the ACL utilizing a private key associatedwith the processing module. The method continues at step 612 where theprocessing module stores the updated and/or new ACL in a registry. Thestoring includes identifying a sub-registry of the registry based on thepermissions type. For example, the processing module identifies a vaultsub-registry when the permissions type is with regards to modifying datastored as encoded data slices in the DSTN.

FIG. 46D is a flowchart illustrating an example of utilizing an accesscontrol list (ACL). The method begins at step 614 where a processingmodule (e.g., of a distributed storage and task (DST) client module)receives a distributed storage and task network (DSTN) access requestfrom a requesting entity. The method continues at step 616 where theprocessing module identifies a request type of the DSTN access request(e.g., extracting a type field). The method continues at step 618 wherethe processing module identifies an ACL object based on the requesttype. For example, the processing module identifies an ACL objectassociated with the requesting entity within a sub registry associatedwith the request type.

The method continues at step 620 where the processing module retrievesthe ACL object. The retrieving includes generating at least a set ofread slice requests that includes at least a set of slice namescorresponding to the ACL object, outputting the at least the set of readslice requests to the DSTN, retrieving at least a decode thresholdnumber of read slice responses that includes at least a decode thresholdnumber of encoded data slices corresponding to the ACL object, anddecoding the at least the decode threshold number of encoded data slicesto produce the ACL object.

The method continues at step 622 where the processing module extracts anACL of one or more ACLs associated with the ACL object. The extractingincludes identifying the ACL of the one of more ACLs based on arequesting unit identifier. The method continues at step 624 where theprocessing module authorizes the DSTN access request based on the ACL.The authorization includes comparing the DSTN access request topermissions of the ACL to determine whether the DSTN access request isauthorized.

FIG. 47A is a diagram illustrating an example of a realm objectstructure 626 that includes a realm name field 628, a realm universallyunique identifier (UUID) field 588, an authentication authority field630, and an access control list (ACL) field 632. The realm name field628 includes a realm name entry, where the realm name entry includes analphanumeric name associated with an entry of the realm UUID field 588.For example, a realm name entry of “Cleversafe” refers to a realm of oneor more realms associated with at least one of a distributed storage andtask network (DSTN) and a dispersed storage network (DSN). The realmUUID field 588 includes a realm UUID entry associated with the realm.The authentication authority field 630 includes an authenticationauthority entry, where the authentication authority entry includes oneor more of an authentication protocol, a location of an authority (e.g.,a certificate authority), a name of the authority, and an internetprotocol (IP) address of the authority. The ACL field 632 includes atleast one ACL entry, where the at least one ACL entry includes an accesscontrol list associated with the realm.

FIG. 47B is a flowchart illustrating an example of generating a realmobject. The method begins at step 634 where a processing module (e.g.,of a distributed storage and task (DST) client module) verifiesdistributed storage and task network (DSTN) permissions. The verifyingincludes verifying that a requesting entity creating the realm objecthas DSTN level permissions. For example, the processing module accessesa DSTN level sub-registry to retrieve an access control list (ACL)associated with the requesting entity and verifies that the requestingentity has the DSTN level permissions based on permissions of the ACL.

The method continues at step 636 where the processing module generates anew universally unique identifier (UUID) as a realm UUID entry. Thegenerating may include one or more of generating a random UUID andverifying that UUID has not been used previously (e.g., checking a UUIDtombstone list). The method continues at step 638 where the processingmodule obtains a new realm name as a realm name entry. The obtainingincludes at least one of receiving the new realm name, requesting thenew realm name, and generating the new realm name as a random name. Themethod continues at step 640 where the processing module identifies anassociated authentication authority as a authentication authority entry.The identifying includes at least one of accessing a certificateauthority list, receiving a certificate authority chain, and initiatinga query. The method continues at step 642 where the processing modulegenerates an ACL entry to include one or more of the realm UUID entry, alogin name, a subject distinguished name, permissions, a signeridentifier, and a signature. The login name may include at least one ofan identifier associated with a entity of a distributed storage and tasknetwork (DSTN) and an anonymous identifier (e.g., wildcard).

The method continues at step 644 where the processing module generatesand stores a realm object. The generating includes generating the realmobject to include the realm name entry, the realm UUID entry, theauthentication authority entry, and the ACL entry. The storing includesencoding the realm object utilizing a dispersed storage error codingfunction to produce at least one set of encoded data slices and sendingthe at least one set of encoded data slices to at least one of adistributed storage and task network (DSTN) module and a dispersedstorage network memory for storage therein.

FIG. 47C is a flowchart illustrating an example of the deleting a realmobject. The method begins at step 646 where a processing module (e.g.,of a distributed storage and task (DST) client module) verifies realmaccess control list (ACL) permissions to delete a realm ACL. Theverifying includes accessing a realm sub-registry ACL to verify that arequesting entity deleting the realm object has sufficient permissionsto delete the realm ACL of the realm object. When verified, the methodcontinues at step 648 where the processing module verifies distributedstorage and task network (DSTN) permissions to delete the entire realmobject. The verifying includes accessing a DSTN level sub-registry ACLto verify that the requesting entity deleting the realm object hassufficient permissions to delete the entire realm object. The methodbranches to step 652 when the processing module verifies the DSTNpermissions to delete the realm object. The method continues to step 650when the processing module does not verify the DSTN permissions todelete the realm object. The method continues at step 650 where theprocessing module indicates failure. The indicating includes generatingan indication of failure and outputting indication of failure to atleast one of the requesting entity and a DSTN managing unit.

The method continues at step 652 in where the processing moduleindicates that the realm has been deleted when the processing moduleverifies DSTN permissions to delete the realm object. The indicatingincludes at least one of marking the realm object as deleted in at leastone of a list and the realm object, deleting the realm object (e.g.,generating and sending delete slice requests to a DSTN module), andindicating a tombstone status associated with a realm UUID such that theUUID is not reused.

As may be used herein, the terms “substantially” and “approximately”provides an industry-accepted tolerance for its corresponding termand/or relativity between items. Such an industry-accepted toleranceranges from less than one percent to fifty percent and corresponds to,but is not limited to, component values, integrated circuit processvariations, temperature variations, rise and fall times, and/or thermalnoise. Such relativity between items ranges from a difference of a fewpercent to magnitude differences. As may also be used herein, theterm(s) “operably coupled to”, “coupled to”, and/or “coupling” includesdirect coupling between items and/or indirect coupling between items viaan intervening item (e.g., an item includes, but is not limited to, acomponent, an element, a circuit, and/or a module) where, for indirectcoupling, the intervening item does not modify the information of asignal but may adjust its current level, voltage level, and/or powerlevel. As may further be used herein, inferred coupling (i.e., where oneelement is coupled to another element by inference) includes direct andindirect coupling between two items in the same manner as “coupled to”.As may even further be used herein, the term “operable to” or “operablycoupled to” indicates that an item includes one or more of powerconnections, input(s), output(s), etc., to perform, when activated, oneor more its corresponding functions and may further include inferredcoupling to one or more other items. As may still further be usedherein, the term “associated with”, includes direct and/or indirectcoupling of separate items and/or one item being embedded within anotheritem. As may be used herein, the term “compares favorably”, indicatesthat a comparison between two or more items, signals, etc., provides adesired relationship. For example, when the desired relationship is thatsignal 1 has a greater magnitude than signal 2, a favorable comparisonmay be achieved when the magnitude of signal 1 is greater than that ofsignal 2 or when the magnitude of signal 2 is less than that of signal1.

As may also be used herein, the terms “processing module”, “processingcircuit”, and/or “processing unit” may be a single processing device ora plurality of processing devices. Such a processing device may be amicroprocessor, micro-controller, digital signal processor,microcomputer, central processing unit, field programmable gate array,programmable logic device, state machine, logic circuitry, analogcircuitry, digital circuitry, and/or any device that manipulates signals(analog and/or digital) based on hard coding of the circuitry and/oroperational instructions. The processing module, module, processingcircuit, and/or processing unit may be, or further include, memoryand/or an integrated memory element, which may be a single memorydevice, a plurality of memory devices, and/or embedded circuitry ofanother processing module, module, processing circuit, and/or processingunit. Such a memory device may be a read-only memory, random accessmemory, volatile memory, non-volatile memory, static memory, dynamicmemory, flash memory, cache memory, and/or any device that storesdigital information. Note that if the processing module, module,processing circuit, and/or processing unit includes more than oneprocessing device, the processing devices may be centrally located(e.g., directly coupled together via a wired and/or wireless busstructure) or may be distributedly located (e.g., cloud computing viaindirect coupling via a local area network and/or a wide area network).Further note that if the processing module, module, processing circuit,and/or processing unit implements one or more of its functions via astate machine, analog circuitry, digital circuitry, and/or logiccircuitry, the memory and/or memory element storing the correspondingoperational instructions may be embedded within, or external to, thecircuitry comprising the state machine, analog circuitry, digitalcircuitry, and/or logic circuitry. Still further note that, the memoryelement may store, and the processing module, module, processingcircuit, and/or processing unit executes, hard coded and/or operationalinstructions corresponding to at least some of the steps and/orfunctions illustrated in one or more of the Figures. Such a memorydevice or memory element can be included in an article of manufacture.

The present invention has been described above with the aid of methodsteps illustrating the performance of specified functions andrelationships thereof. The boundaries and sequence of these functionalbuilding blocks and method steps have been arbitrarily defined hereinfor convenience of description. Alternate boundaries and sequences canbe defined so long as the specified functions and relationships areappropriately performed. Any such alternate boundaries or sequences arethus within the scope and spirit of the claimed invention. Further, theboundaries of these functional building blocks have been arbitrarilydefined for convenience of description. Alternate boundaries could bedefined as long as the certain significant functions are appropriatelyperformed. Similarly, flow diagram blocks may also have been arbitrarilydefined herein to illustrate certain significant functionality. To theextent used, the flow diagram block boundaries and sequence could havebeen defined otherwise and still perform the certain significantfunctionality. Such alternate definitions of both functional buildingblocks and flow diagram blocks and sequences are thus within the scopeand spirit of the claimed invention. One of average skill in the artwill also recognize that the functional building blocks, and otherillustrative blocks, modules and components herein, can be implementedas illustrated or by discrete components, application specificintegrated circuits, processors executing appropriate software and thelike or any combination thereof.

The present invention may have also been described, at least in part, interms of one or more embodiments. An embodiment of the present inventionis used herein to illustrate the present invention, an aspect thereof, afeature thereof, a concept thereof, and/or an example thereof. Aphysical embodiment of an apparatus, an article of manufacture, amachine, and/or of a process that embodies the present invention mayinclude one or more of the aspects, features, concepts, examples, etc.described with reference to one or more of the embodiments discussedherein. Further, from figure to figure, the embodiments may incorporatethe same or similarly named functions, steps, modules, etc. that may usethe same or different reference numbers and, as such, the functions,steps, modules, etc. may be the same or similar functions, steps,modules, etc. or different ones.

While the transistors in the above described figure(s) is/are shown asfield effect transistors (FETs), as one of ordinary skill in the artwill appreciate, the transistors may be implemented using any type oftransistor structure including, but not limited to, bipolar, metal oxidesemiconductor field effect transistors (MOSFET), N-well transistors,P-well transistors, enhancement mode, depletion mode, and zero voltagethreshold (VT) transistors.

Unless specifically stated to the contra, signals to, from, and/orbetween elements in a figure of any of the figures presented herein maybe analog or digital, continuous time or discrete time, and single-endedor differential. For instance, if a signal path is shown as asingle-ended path, it also represents a differential signal path.Similarly, if a signal path is shown as a differential path, it alsorepresents a single-ended signal path. While one or more particulararchitectures are described herein, other architectures can likewise beimplemented that use one or more data buses not expressly shown, directconnectivity between elements, and/or indirect coupling between otherelements as recognized by one of average skill in the art.

The term “module” is used in the description of the various embodimentsof the present invention. A module includes a processing module, afunctional block, hardware, and/or software stored on memory forperforming one or more functions as may be described herein. Note that,if the module is implemented via hardware, the hardware may operateindependently and/or in conjunction software and/or firmware. As usedherein, a module may contain one or more sub-modules, each of which maybe one or more modules.

While particular combinations of various functions and features of thepresent invention have been expressly described herein, othercombinations of these features and functions are likewise possible. Thepresent invention is not limited by the particular examples disclosedherein and expressly incorporates these other combinations.

What is claimed is:
 1. A method comprises: receiving, by a storage unitof a dispersed storage network (DSN) and from a requesting entity of theDSN, a write request for storing a data object, wherein the writerequest includes at least an encoded data slice of a set of encoded dataslices of the data object and a name identifying the data object,wherein a data segment of the data object is dispersed error encoded;determining, by the storage unit, whether the data object is a new dataobject or a revised version of an existing data object; determining, bythe storage unit, write authority of the requesting entity based oninformation contained in a locally stored access control list (ACL),wherein the write authority includes, at least one of, authorization toissue a write request for the new data object, authorization to issue awrite request for the revised version of the existing data object, andauthorization to issue updated ACL information regarding the new dataobject or the revised version of the existing data object; when thewrite request is regarding the revised version of the existing dataobject and the write authority includes the authorization to issue thewrite request for the revised version of the existing data object andthe authorization to issue the updated ACL information regarding therevised version of the existing data object, and the write authorityfurther includes a range of permissible revisions for the revisedversion of the existing data object: determining, by the storage unit,whether a revision number of the revised version of the existing dataobject is within the range of permissible revisions; when the revisionnumber is within the range of permissible revisions: storing, by thestorage unit, the at least the encoded data slice of the revised versionof the existing data object; and updating, by the storage unit, thelocally stored access control list based on the updated ACL information;and when the revision number is not within the range of permissiblerevisions, denying, by the storage unit, the write request; when thewrite request is regarding the new data object: determining, by thestorage unit, that the requesting entity is authorized to issue thewrite request for the new data object and to issue the updated ACLinformation regarding the new data object, wherein the determining thatthe requesting entity is authorized to issue the write request for thenew data object and to issue the updated ACL information regarding thenew data object comprises: extracting, by the storage unit, a signedcertificate from the write request; and verifying, by the storage unit,the signed certificate to establish authorization to issue the writerequest for the new data object and to issue the updated ACL informationregarding the new data object; storing, by the storage unit, the atleast the encoded data slice of the new data object; and updating, bythe storage unit, the locally stored access control list based on theupdated ACL information regarding the new data object.
 2. The method ofclaim 1, wherein the determining whether the data object is the new dataobject or the revised version of the existing data object comprises:interpreting, by the storage unit, a revision number field of the name.3. The method of claim 1 further comprises: when the write request isregarding the revised version of the existing data object and the writeauthority includes the authorization to issue the write request for therevised version of the existing data object but not the authorization toissue the updated ACL information regarding the revised version of theexisting data object: storing, by the storage unit, the at least theencoded data slice of the revised version of the existing data object;accessing, by the storage unit, a trusted source.
 4. The method of claim3 wherein accessing, by the storage unit, the trusted source includes:authenticating the requesting entity's write authorization to issue theupdated ACL information regarding the revised version of the existingdata object.
 5. The method of claim 3 wherein accessing, by the storageunit, the trusted source includes: obtaining the updated ACL informationregarding the revised version of the existing data object.
 6. The methodof claim 1 further comprises: when the write request is regarding therevised version of the existing data object and the write authority doesnot include the authorization to issue the write request for the revisedversion of the existing data object, sending, by the storage unit, awrite request rejection message to the requesting entity.
 7. The methodof claim 1, wherein the data segment is encoded using a dispersedstorage error encoding function to produce the set of encoded dataslices.
 8. A dispersed storage (DS) module of a dispersed storagenetwork (DSN), the DS module comprises: an interface; memory; andprocessing circuitry configured to perform operations that include:receiving, by a storage unit of a dispersed storage network (DSN) andfrom a requesting entity of the DSN, a write request for storing a dataobject, wherein the write request includes at least an encoded dataslice of a set of encoded data slices of the data object and a nameidentifying the data object, wherein a data segment of the data objectis dispersed error encoded; determining, by the storage unit, whetherthe data object is a new data object or a revised version of an existingdata object; determining, by the storage unit, write authority of therequesting entity based on information contained in a locally storedaccess control list (ACL), wherein the write authority includes, atleast one of, authorization to issue a write request for the new dataobject, authorization to issue a write request for the revised versionof the existing data object, and authorization to issue updated ACLinformation regarding the new data object or the revised version of theexisting data object; when the write request is regarding the revisedversion of the existing data object and the write authority includes theauthorization to issue the write request for the revised version of theexisting data object and the authorization to issue the updated ACLinformation regarding the revised version of the existing data object,and the write authority further includes a range of permissiblerevisions for the revised version of the existing data object:determining, by the storage unit, whether a revision number of therevised version of the existing data object is within the range ofpermissible revisions; when the revision number is within the range ofpermissible revisions: storing, by the storage unit, the at least theencoded data slice of the revised version of the existing data object;and updating, by the storage unit, the locally stored access controllist based on the updated ACL information; and when the revision numberis not within the range of permissible revisions, denying, by thestorage unit, the write request; when the write request is regarding thenew data object: determining, by the storage unit, that the requestingentity is authorized to issue the write request for the new data objectand to issue the updated ACL information regarding the new data object,wherein the determining that the requesting entity is authorized toissue the write request for the new data object and to issue the updatedACL information regarding the new data object comprises: extracting, bythe storage unit, a signed certificate from the write request; andverifying, by the storage unit, the signed certificate to establishauthorization to issue the write request for the new data object and toissue the updated ACL information regarding the new data object;storing, by the storage unit, the at least the encoded data slice of thenew data object; and updating, by the storage unit, the locally storedaccess control list based on the updated ACL information regarding thenew data object.
 9. The DS module of claim 8, wherein the determiningwhether the data object is the new data object or the revised version ofthe existing data object comprises: interpreting, by the storage unit, arevision number field of the name.
 10. The DS module of claim 8, whereinthe operations further include: when the write request is regarding therevised version of the existing data object and the write authorityincludes the authorization to issue the write request for the revisedversion of the existing data object but not the authorization to issuethe updated ACL information regarding the revised version of theexisting data object: storing, by the storage unit, the at least theencoded data slice of the revised version of the existing data object;accessing, by the storage unit, a trusted source.
 11. The DS module ofclaim 10, wherein accessing, by the storage unit, the trusted sourceincludes: authenticating the requesting entity's write authorization toissue the updated ACL information regarding the revised version of theexisting data object.
 12. The DS module of claim 10, wherein accessing,by the storage unit, the trusted source includes: obtaining the updatedACL information regarding the revised version of the existing dataobject.
 13. The DS module of claim 8, wherein the operations furtherinclude: when the write request is regarding the revised version of theexisting data object and the write authority does not include theauthorization to issue the write request for the revised version of theexisting data object, sending, by the storage unit, a write requestrejection message to the requesting entity.
 14. The DS module of claim8, wherein the data segment is encoded using a dispersed storage errorencoding function to produce the set of encoded data slices.
 15. Anon-transitory computer readable storage medium includes instructionsthat configure processing circuitry to perform operations that include:receiving, by a storage unit of a dispersed storage network (DSN) andfrom a requesting entity of the DSN, a write request for storing a dataobject, wherein the write request includes at least an encoded dataslice of a set of encoded data slices of the data object and a nameidentifying the data object, wherein a data segment of the data objectis dispersed error encoded; determining, by the storage unit, whetherthe data object is a new data object or a revised version of an existingdata object; determining, by the storage unit, write authority of therequesting entity based on information contained in a locally storedaccess control list (ACL), wherein the write authority includes, atleast one of, authorization to issue a write request for the new dataobject, authorization to issue a write request for the revised versionof the existing data object, and authorization to issue updated ACLinformation regarding the new data object or the revised version of theexisting data object; when the write request is regarding the revisedversion of the existing data object and the write authority includes theauthorization to issue the write request for the revised version of theexisting data object and the authorization to issue the updated ACLinformation regarding the revised version of the existing data object,and the write authority further includes a range of permissiblerevisions for the revised version of the existing data object:determining, by the storage unit, whether a revision number of therevised version of the existing data object is within the range ofpermissible revisions; when the revision number is within the range ofpermissible revisions: storing, by the storage unit, the at least theencoded data slice of the revised version of the existing data object;and updating, by the storage unit, the locally stored access controllist based on the updated ACL information; and when the revision numberis not within the range of permissible revisions, denying, by thestorage unit, the write request; when the write request is regarding thenew data object: determining, by the storage unit, that the requestingentity is authorized to issue the write request for the new data objectand to issue the updated ACL information regarding the new data object,wherein the determining that the requesting entity is authorized toissue the write request for the new data object and to issue the updatedACL information regarding the new data object comprises: extracting, bythe storage unit, a signed certificate from the write request; andverifying, by the storage unit, the signed certificate to establishauthorization to issue the write request for the new data object and toissue the updated ACL information regarding the new data object;storing, by the storage unit, the at least the encoded data slice of thenew data object; and updating, by the storage unit, the locally storedaccess control list based on the updated ACL information regarding thenew data object.
 16. The non-transitory computer readable storage mediumof claim 15, wherein the determining whether the data object is the newdata object or the revised version of the existing data objectcomprises: interpreting, by the storage unit, a revision number field ofthe name.
 17. The non-transitory computer readable storage medium ofclaim 15, wherein the operations further include: when the write requestis regarding the revised version of the existing data object and thewrite authority includes the authorization to issue the write requestfor the revised version of the existing data object but not theauthorization to issue the updated ACL information regarding the revisedversion of the existing data object: storing, by the storage unit, theat least the encoded data slice of the revised version of the existingdata object; accessing, by the storage unit, a trusted source.
 18. Thenon-transitory computer readable storage medium of claim 17, whereinaccessing, by the storage unit, the trusted source includes:authenticating the requesting entity's write authorization to issue theupdated ACL information regarding the revised version of the existingdata object.
 19. The non-transitory computer readable storage medium ofclaim 17, wherein accessing, by the storage unit, the trusted sourceincludes: obtaining the updated ACL information regarding the revisedversion of the existing data object.
 20. The non-transitory computerreadable storage medium of claim 15, wherein the operations furtherinclude: when the write request is regarding the revised version of theexisting data object and the write authority does not include theauthorization to issue the write request for the revised version of theexisting data object, sending, by the storage unit, a write requestrejection message to the requesting entity.